Skip to main content

Logstash Grok Filter Example For Jboss Server Access Logs

Logstash is a great tool for centralizing application server logs. Here is an excerpt from a jboss application server's access logs and corresponding grok filter for them.

Jboss Access Logs:


Converting some fields' data types to numbers (in the example integer and float) are useful for later statistical calculations.
Logstash Filter (Logstash Version 2.3.4)


When logs are sent to elasticsearch, string fields would be stored as analyzed fields.

Comments

Popular posts from this blog

Find and replace with sed command in Linux

Find and replace feature is always handy. It can turn into a torture when it comes to change or delete a simple constant string in a text file. There is a handy tool in linux for doing these kind of tihngs. Actually sed is not a text editor but it is used outside of the text file to make changes.