This is the an example log:
2022-01-07 11:05:01,185 [http-nio-8080-exec-526] WARN de.web.Main| = - Error while execute Request
javax.servlet.ServletException: com.cg.blart.web.HttpInvocationException: Invalid tenant session
at com.cg.blume.web.DispatchingServlet.doGet(DispatchingServlet.java:169)
at de.jinx.lee.web.AutoDBUpgradeDispatchingServlet.lambda$doGet$0(AutoDBUpgradeDispatchingServlet.java:200)
at de.jinx.lee.web.AutoDBUpgradeDispatchingServlet.addMDCKey(AutoDBUpgradeDispatchingServlet.java:297)
Caused by: com.cg.blume.web.HttpInvocationException: Invalid tenant session
at com.cg.blume.web.procedure.HttpSessionManager.get(HttpSessionManager.java:190)
at de.jinx.lee.web.session.leeHttpSessionManager.get(leeHttpSessionManager.java:76)
... 41 more
This ist the pattern so far:
^.*?Exception: +%{DATA:exception}$
The output i get is close but no cigar: "com.cg.blart.web.HttpInvocationException: Invalid tenant session". For the live of me i dont get it to match the whole line. Can you show me the way? The desired output is:
javax.servlet.ServletException: com.cg.blart.web.HttpInvocationException: Invalid tenant session
Here is a link for a test tool: https://grokdebug.herokuapp.com/
Solution was this pattern:
(?<DATA:mps_exception>.*?(Exception:).*)
It is explained here: https://www.elastic.co/guide/en/logstash/current/plugins-filters-grok.html#_custom_patterns