
5 Oct 2015, 6:21 a.m.
Hi All,

Does anybody have a nice example for the logs of oVirt for logstash? I'm using this one now:

filter {
  if [type] == "ovirt" {
    grok {
      match => { "message" => "\A%{TIMESTAMP_ISO8601}%{JAVAFILE}%{SYSLOG5424SD}%{GREEDYDATA}" }
      add_field => [ "received_at", "%{@timestamp}" ]
      add_tag => [ "ovirt" ]
      tag_on_failure => []
    }
    date {
      match => [ "syslog_timestamp", "MMM d HH:mm:ss", "MMM dd HH:mm:ss" ]
    }
  }
}

But I have got a grokparse failure in this one... So I was thinking maybe one of the community has something way better than this? :-)

Kind regards,
Koen