Open CerxMe opened 1 year ago
ipaqmaster
commented
1 year ago Also experiencing this testing some grok's intended for Elasticsearch. This platform cannot handle dot's in the semantic. I thought the pattern repository was broken at first.
SbJornS
commented
1 year ago I've seen the same issue too, tried coming up with workarounds, but so far just ended up replacing dots with underscores. This works but is far from ideal.
Grok patters should be %{SYNTAX:SEMANTIC} When the SEMANTIC value contains a dot, no outputs are parsed as is expected.
NO DOT:
HAS DOT:
