I want to transfer an example log file to grok regex and couldn't find a way online. How do I transfer the log message to grok regex?
I want to transfer something like this "2019-07-09 13:51:00,146 INFO Thread-89 task.AbstractTaskProcessor(106) messages" to grok regex.
Windows machine. I have tried multiple ways to convert the log message to regex but none of them work. Kibana doesn't display the field for Loglevel.
grok {
  match => {
    "messgae" => "%{TIMESTAMP_ISO8601:timestamp} *%{LOGLEVEL:level} (?<logthread>(?:[()a-zA-Zd-]+[0-9]*)) %{JAVACLASS:class} %{NUMBER} %{GREEDYDATA:message}"
  }
}
Kibana should have loglevel as a field.
You can try this:
%{TIMESTAMP_ISO8601:timestamp},%{NUMBER} %{LOGLEVEL:level} %{DATA:logthread} %{DATA:class}\(%{NUMBER}\) %{GREEDYDATA:message}
I tested it on:
2019-07-09 13:51:00,146 INFO Thread-89 task.AbstractTaskProcessor(106) messages
You will get the following fields:
timestamp 2019-07-09·13:51:00
message messages
class task.AbstractTaskProcessor
logthread Thread-89
level INFO
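The pattern from the answer above, expanded into a plain regex and run against the sample line, as an added example that is not part of the original answer. The `PATTERNS` table holds simplified stand-ins for the stock grok definitions, and `grok_to_regex` and `grok_match` are hypothetical helper names.

```python
import re

# Simplified stand-ins for the stock grok definitions (assumption: the real
# Logstash patterns are broader; these only cover the shapes in the sample).
PATTERNS = {
    "TIMESTAMP_ISO8601": r"\d{4}-\d{2}-\d{2}[T ]\d{2}:\d{2}:\d{2}(?:[.,]\d+)?",
    "NUMBER": r"[+-]?\d+(?:\.\d+)?",
    "LOGLEVEL": r"(?:TRACE|DEBUG|INFO|WARN(?:ING)?|ERROR|FATAL)",
    "DATA": r".*?",
    "GREEDYDATA": r".*",
}
GROK_REF = re.compile(r"%\{(\w+)(?::(\w+))?\}")

# Pattern and sample line copied from the answer above.
ANSWER_PATTERN = (r"%{TIMESTAMP_ISO8601:timestamp},%{NUMBER} %{LOGLEVEL:level} "
                  r"%{DATA:logthread} %{DATA:class}\(%{NUMBER}\) %{GREEDYDATA:message}")
SAMPLE = "2019-07-09 13:51:00,146 INFO Thread-89 task.AbstractTaskProcessor(106) messages"


def grok_to_regex(expr):
    """Expand %{NAME} and %{NAME:field} references into a Python regex."""
    def expand(m):
        name, field = m.group(1), m.group(2)
        body = PATTERNS[name]  # KeyError for a pattern this sketch lacks
        # A reference with a field name becomes a named capture group.
        return f"(?P<{field}>{body})" if field else f"(?:{body})"
    return GROK_REF.sub(expand, expr)


def grok_match(expr, line):
    """Return the captured fields, or None when the line does not match."""
    m = re.search(grok_to_regex(expr), line)  # grok patterns are unanchored
    return m.groupdict() if m else None


if __name__ == "__main__":
    # The literal ",%{NUMBER}" forces the timestamp to give up its optional
    # fraction, so the milliseconds are dropped from the timestamp field.
    print(grok_match(ANSWER_PATTERN, SAMPLE))
    # Without it, the timestamp pattern keeps the ",146" fraction.
    print(grok_match("%{TIMESTAMP_ISO8601:timestamp} %{LOGLEVEL:level}", SAMPLE))
    # A constructed continuation line (stack-trace style) does not match.
    print(grok_match(ANSWER_PATTERN, "\tat task.AbstractTaskProcessor.run(X.java:106)"))
```
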