jsvd
commented
6 years ago I apologize for the inconvenience, but this is a usage question, and should be asked at https://discuss.elastic.co.
GitHub is for coding issues and error reporting.
Closed shivom-25 closed 3 years ago
jsvd
commented
6 years ago I apologize for the inconvenience, but this is a usage question, and should be asked at https://discuss.elastic.co.
GitHub is for coding issues and error reporting.
hi . i was doing something similar to getting values as an array. i have my log something like this fab 20 gds 30 rt 21 i want to create two array : one contating {fab,dgs,rt} and other containing their respective value {20,30,,21} i followed the approach similar to this: https://github.com/logstash-plugins/logstash-filter-grok/issues/35 this is how i wrote my rules +1 CUSTOM_VALUE (?:%{NUMBER}) CUSTOM_LIST_VALUE (?:(\s%{WORD}[\s]%{CUSTOM_VALUE})) CUSTOM_VALUE_LIST_COMPLEX (?:(%{CUSTOM_LIST_VALUE})+)
and i am matching %{CUSTOM_VALUE_LIST_COMPLEX:category} i am getting whole fab 20 gds 30 rt 21 under CUSTOM_VALUE_LIST_COMPLEX. my question is how to get those values like array as i mentioned above from this CUSTOM_VALUE_LIST_COMPLEX