Tags: elasticsearch, logstash, logstash-grok

GROK pattern for HTTP URL


I am trying to parse the string below:

http://localhost:8080/client/session/login [email protected] backendorg

with this GROK pattern:

%{URIPATHPARAM:url}%{SPACE}%{EMAILADDRESS:email}%{SPACE}%{USERNAME:org}

but I am not getting the complete URL:

{
  "org": "backendorg",
  "url": "//localhost:8080/client/session/login",
  "email": "[email protected]"
}

Could anyone suggest how to get the complete URL?

Solution

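  • `URIPATHPARAM` matches only a path and query string, and a grok pattern is not anchored, so the match starts at `//localhost` and the scheme is dropped. `URI` matches the scheme and host as well. Note that `URI` also accepts a `user:password@` part and a query string, so any secret embedded in a logged URL ends up in the `url` field unless it is stripped before indexing.

    GROK pattern: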

    %{URI:url}%{SPACE}(?<email>[a-zA-Z0-9_.+=:-]+@[0-9A-Za-z][0-9A-Za-z-]{0,62}(?:\.(?:[0-9A-Za-z][0-9A-Za-z-]{0,62}))*)%{SPACE}%{USERNAME:org}
    

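    OUTPUT (apparently from a grok debugger, which lists every sub-pattern of `URI`; `null` means that optional part did not match):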

    {
      "url": [
        [
          "http://localhost:8080/client/session/login"
        ]
      ],
      "URIPROTO": [
        [
          "http"
        ]
      ],
      "USER": [
        [
          null
        ]
      ],
      "USERNAME": [
        [
          null
        ]
      ],
      "URIHOST": [
        [
          "localhost:8080"
        ]
      ],
      "IPORHOST": [
        [
          "localhost"
        ]
      ],
      "HOSTNAME": [
        [
          "localhost"
        ]
      ],
      "IP": [
        [
          null
        ]
      ],
      "IPV6": [
        [
          null
        ]
      ],
      "IPV4": [
        [
          null
        ]
      ],
      "port": [
        [
          "8080"
        ]
      ],
      "URIPATHPARAM": [
        [
          "/client/session/login"
        ]
      ],
      "URIPATH": [
        [
          "/client/session/login"
        ]
      ],
      "URIPARAM": [
        [
          null
        ]
      ],
      "SPACE": [
        [
          " ",
          " "
        ]
      ],
      "email": [
        [
          "[email protected]"
        ]
      ],
      "org": [
        [
          "backendorg"
        ]
      ]
    }