diff options
Diffstat (limited to 'elasticstack/logstash')
-rw-r--r-- | elasticstack/logstash/conf/onap-pipeline.conf | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/elasticstack/logstash/conf/onap-pipeline.conf b/elasticstack/logstash/conf/onap-pipeline.conf index a18b216..5b32038 100644 --- a/elasticstack/logstash/conf/onap-pipeline.conf +++ b/elasticstack/logstash/conf/onap-pipeline.conf @@ -124,18 +124,22 @@ filter { 'message', '\t$', '\t' ] } - kv { - field_split => "\t" - trim_key => "\s" - trim_value => "\s" - } grok { break_on_match => false match => { - "message" => "%{TIMESTAMP_ISO8601:Timestamp}\t%{GREEDYDATA:Thread}\t%{SPACE}%{LOGLEVEL:loglevel}%{SPACE}\t%{JAVACLASS:Logger}\t(?:[^\t]+\t)*%{GREEDYDATA:message}" + "message" => ["%{TIMESTAMP_ISO8601:Timestamp}\t%{GREEDYDATA:Thread}\t%{SPACE}%{LOGLEVEL:loglevel}%{SPACE}\t%{JAVACLASS:Logger}\t(?:[^\t]+\t)*%{GREEDYDATA:message}", + "(?<MDCs>.*\t)" + ] } overwrite => ["message"] } + kv { + source => "MDCs" + field_split => "\t" + trim_key => "\s" + trim_value => "\s" + remove_field => [ "MDCs" ] + } } } |