I am new to Logstash. I am trying to parse a log value and apply a filter on the value using grok. The log data is:
{"log":"11:20:15|INFO|config-app: Starting_thread\n","stream":"stdout","time":"2022-12-19T11:19:15.089894627Z"}
The logstash.conf is:
input {
  beats {
    port => 5045
    host => "0.0.0.0"
  }
}
filter {
  json {
    source => "message"
    add_field => {
      "log1" => "%{log}"
    }
  }
  grok {
    match => { "%{log1}" => ['(%{TIME:time}\|%{LOGLEVEL:logLevel}\|%{USER:microservice_name}(:) %{GREEDYDATA:logMessage}'] }
  }
}
output {
  elasticsearch {
    hosts => "elasticsearch:9200"
    user => elastic
    password => yourstrongpasswordhere
    index => "pj"
  }
  stdout {}
}
I tried running the above file, but the pipeline is not being created in Logstash.
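
For comparison, a variant of the configuration above, added here as an example and not part of the original post. It assumes Beats delivers the JSON line in `message`; the capture name `log_time` and the variable `ES_PWD` are assumptions introduced for the example.

```logstash
input {
  beats {
    port => 5045
    host => "0.0.0.0"
  }
}
filter {
  # Decode the Docker JSON line; this creates the fields log, stream and time.
  json {
    source => "message"
  }
  grok {
    # The match key is a field name ("log"), not a %{...} reference.
    # Every parenthesis in the pattern is balanced, and the capture is named
    # log_time (assumed name) so it does not collide with the "time" field
    # that the json filter has already created.
    match => {
      "log" => '%{TIME:log_time}\|%{LOGLEVEL:logLevel}\|%{USER:microservice_name}: %{GREEDYDATA:logMessage}'
    }
    # Events that do not match are tagged _grokparsefailure by default,
    # which makes unparsed lines easy to find in the index.
  }
}
output {
  elasticsearch {
    hosts => "elasticsearch:9200"
    user => "elastic"
    # Assumption: ES_PWD is defined in the Logstash keystore or the
    # environment, so the password is not stored in the config file.
    password => "${ES_PWD}"
    index => "pj"
  }
  stdout {}
}
```

For the sample line in the post this yields `log_time` = `11:20:15`, `logLevel` = `INFO`, `microservice_name` = `config-app` and `logMessage` = `Starting_thread`.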