If my logs are in a key=value format, is there a way to make a filter pattern by keyword in AWS Elasticsearch? So far I just don't see a way.

Log:

timestamp=[2016-03-02 17:02:46,129] level=INFO  transaction_id=352841324125 category=org.apache.catalina.core.ContainerBase msg=Calling endpoint xyz
alexwlchan
alexfvolk

1 Answer

Convert the log message to JSON format, as it consists of key-value pairs only.

Then, use the format in the filter:

    json { source => 'logmessage' }

https://www.elastic.co/guide/en/logstash/5.0/plugins-filters-json.html
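One way to do the key=value to JSON conversion the answer describes, as an added example that is not part of the answer or of Logstash. The function names and the choice to treat `msg` as the trailing free-text field are assumptions; the first sample line is the one from the question, the second is constructed.

```python
import json
import re

# A key is a word at the start of the line or right after whitespace, then "=".
KEY_RE = re.compile(r"(?:^|(?<=\s))([A-Za-z_]\w*)=")

# Log line from the question.
SAMPLE = ("timestamp=[2016-03-02 17:02:46,129] level=INFO  "
          "transaction_id=352841324125 "
          "category=org.apache.catalina.core.ContainerBase "
          "msg=Calling endpoint xyz")

# Constructed line: the free-text message itself contains key=value text.
FORGED = "level=INFO msg=login failed level=ERROR user=admin"


def kv_to_dict(line, greedy_key="msg"):
    """Split a key=value log line into a dict.

    Values may contain spaces, so each value runs up to the next key.
    greedy_key (assumed to be the free-text field) takes the rest of the
    line, so "=" inside the message cannot create extra fields.
    """
    fields = {}
    matches = list(KEY_RE.finditer(line))
    for i, m in enumerate(matches):
        key = m.group(1)
        if key == greedy_key:
            fields.setdefault(key, line[m.end():].strip())
            break
        end = matches[i + 1].start() if i + 1 < len(matches) else len(line)
        value = line[m.end():end].strip()
        # Drop the brackets around values such as the timestamp.
        if value.startswith("[") and value.endswith("]"):
            value = value[1:-1]
        # First occurrence wins; a repeated key never overwrites it.
        fields.setdefault(key, value)
    return fields


def kv_to_json(line):
    """Return the line as a JSON object string, ready for a JSON-aware filter."""
    return json.dumps(kv_to_dict(line))


if __name__ == "__main__":
    print(kv_to_json(SAMPLE))
    print(kv_to_json(FORGED))
```
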