elasticsearch 如何使用filebeat处理器剖析日志中的不均匀空间

guykilcj 于 2022-12-11 发布在 ElasticSearch

关注(0)|答案(1)|浏览(105)

I have a python microservice that output logs like so:

INFO    ; 2022-12-02 01:30:00; bla bla bla...
DEBUG   ; 2022-12-02 01:30:00; bla bla bla...

Note how the space is different on the loglevel. I am parsing it like so:

- dissect:
                        tokenizer: "%{log.level}    ;%{+timestamp} ; %{?message}"
                        field: "message"
                        target_prefix: ""

Which work for the first line, not the second. Anyone know if there is a solution for such case?
Thank you.

elasticsearch

来源：https://stackoverflow.com/questions/74705593/how-to-dissect-uneven-space-in-log-with-filebeat-processors

1条答案

按热度按时间

nle07wnf1#

您需要使用右填充修饰符

add this
                           || 
- dissect:                 vv
    tokenizer: "%{log.level->};%{+timestamp} ; %{?message}"
    field: "message"
    target_prefix: ""

赞(0）回复(0）举报 2022-12-11

我来回答

elasticsearch 如何使用filebeat处理器剖析日志中的不均匀空间

1条答案

相关问题

热门标签

最新问答