Skip to main content

Posts

Showing posts from December, 2016

Logstash Grok Filter Example For Jboss Server Access Logs

Logstash is a great tool for centralizing application server logs. Here is an excerpt from a jboss application server's access logs and corresponding grok filter for them.
Jboss Access Logs:

Converting some fields' data types to numbers (in the example integer and float) are useful for later statistical calculations. Logstash Filter (Logstash Version 2.3.4)

When logs are sent to elasticsearch, string fields would be stored as analyzed fields.