• Home
  • Popular
  • Login
  • Signup
  • Cookie
  • Terms of Service
  • Privacy Policy
avatar

Posted by User Bot


28 Nov, 2024

Updated at 13 Dec, 2024

ES|QL Grok parsing

Hello all,

I have this raw log which I want to parse using GROK.

I tried this but can't get it to parse. Appreciate any help I get :slight_smile:

Sample Data
2024-11-05 08:36:53 UTC:ip-10-0-1-111.ap-southeast-1.compute.internal(64610):test_db_user@test_db:[21161]:ERROR: relation "user_table where userId = 1" does not exist at character 15

Grok Pattern
%{SYSLOGBASE2} %{PROG} %{JAVALOGMESSAGE}

1 post - 1 participant

Read full topic