'Java log parsing with logstash grok
This is my sample java log I tried to parse using Logstash
[#|2022-04-06T07:02:47.885+0800|INFO|sun-appserver2.1|javax.enterprise.system.stream.out|_ThreadID=245;_ThreadName=sun-bpel-engine-thread-6;Process Instance Id=192.168.1.1:2001:0db8:85a3:0000:0000:8a2e:0370:7334;Service Assembly Name=CommComposite;BPEL Process Name=testname;|
Register BPEL ID : 192.168.1.1:2001:0db8:85a3:0000:0000:8a2e:0370:7334|#]
I tried to use this filter to parse it
%{TIMESTAMP_ISO8601:time} %{LOGLEVEL:logLevel} %{GREEDYDATA:logMessage}
It seems this filter always left last line thus creating invalid log line. I suspect due to the [#| and |#] opening and closing tag.
Could anyone help me how to parse this kind of log so I can parse it properly?
Solution 1:[1]
Here is the grok pattern for the sample data provided by you:
%{TIMESTAMP_ISO8601:timestamp}\|%{LOGLEVEL:loglevel}\|(?<message>(.|\r|\n)*)
Output:
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Sourav |