Nhan Nguyen
Reputation: 1
Grok filter for the message log
I have a message log as below "Jul 11, 2022 6:44:49 AM org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi getDefaultTrustStore INFO: Initializing with trust store at path: /app/ctrlm-agent/ctm/cm/AFT/JRE_11/lib/security/cacerts"
I need to filter Loglevel: INFO / message "org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi getDefaultTrustStore" / and the rest. Please help check my Grok below and give me advice
(?%{MONTH:month} %{MONTHDAY:day}, %{YEAR:year} (?%{TIME} AM|PM))) %{LOGLEVEL:severity} %{GREEDYDATA:message}
Thanks all
My Grok (?%{MONTH:month} %{MONTHDAY:day}, %{YEAR:year} (?%{TIME} AM|PM))) %{LOGLEVEL:severity} %{GREEDYDATA:message}
Upvotes: 0
Views: 18
Answers (0)
Related Questions
- Parse log with Grok
- GROK Filter Help Logstash
- Ignore and move to next pattern if log contains a specific word
- grok regex in logstash to parse and extract field
- After adding Prune filter along with KV filter - logs are not going to Elastic search
- What is the logstash grok pattern for apache error..?
- How to extract a field that is contained inside of another field via logstash grok config
- Logstash Grok filter - naming the fields according to content