0

This is my sample java log I tried to parse using Logstash

[#|2022-04-06T07:02:47.885+0800|INFO|sun-appserver2.1|javax.enterprise.system.stream.out|_ThreadID=245;_ThreadName=sun-bpel-engine-thread-6;Process Instance Id=192.168.1.1:2001:0db8:85a3:0000:0000:8a2e:0370:7334;Service Assembly Name=CommComposite;BPEL Process Name=testname;|
Register BPEL ID : 192.168.1.1:2001:0db8:85a3:0000:0000:8a2e:0370:7334|#]

I tried to use this filter to parse it

%{TIMESTAMP_ISO8601:time} %{LOGLEVEL:logLevel} %{GREEDYDATA:logMessage}

It seems this filter always left last line thus creating invalid log line. I suspect due to the [#| and |#] opening and closing tag.

Could anyone help me how to parse this kind of log so I can parse it properly?

Improve this question

1 Answer 1

Reset to default
1

Here is the grok pattern for the sample data provided by you:

%{TIMESTAMP_ISO8601:timestamp}\|%{LOGLEVEL:loglevel}\|(?<message>(.|\r|\n)*)

Output:

enter image description here

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.