Nhan Nguyen
Reputation: 1
How can i match multi-lines of log to a single using Grok
I have a message with multi-lines need to match using Grok. Can everyone help me check and correct my grok below. Thanks
Log message:
"[timestamp: 1621431760] abort handler of pid 1823 thread 1848977280
*** Stacks of threads *** (current thread is 1848977280)
Stack of thread=1848977280, depth=3 main
shutdownServices
EMThriftServer::stop"
I tried: [%{WORD}: %{NUMBER:dts}] %{GREEDYDATA:rest}\n\s+%{GREEDYDATA:ini_mess}
Upvotes: 0
Views: 16
Answers (0)
Related Questions
- Parse log with Grok
- logstash grok, parse a line with json filter
- multiline grok pattern matched to multiple single lines inside kibana
- How to Make Epoch Time which is there in the middle of my log as @timestamp in Logstash?
- Grok parser: How to parse log message
- Grok pattern for log
- grok pattern to parse the logs using logstash
- Unable to get the parse value out of multi-line logs in logstash
- Logstash grok pattern for pgpool logs
- Logstash configuration error on Regular expression for matching pattern