第一次测试可用 grok内置正则:
使用kabala内置grok测试链接 :
http://ip:5601/app/kibana#/dev_tools/grokdebugger日志:
[2021-01-04 15:54:14.707][INFO][cn.com.XXXX.mms.component.ons.consumer.NWMessageListener]XXXX日志写入路径:/home/tomcat8/jsonData/log/nuanwa/2021/1/policyIssue/826202101110100026854_3936826_receive.txtgrok过滤规则:
\[%{DATA:timestamp}\]\[%{WORD:verb}\]\[%{URIPROTO:request}\].*\:%{URIPATHPARAM:mes}效果:
{
"request": "cn.com.XXXX.mms.component.ons.consumer.NWMessageListener",
"verb": "INFO",
"mes": "/home/tomcat8/jsonData/log/nuanwa/2021/1/policyIssue/826202101110100026854_3936826_receive.txt",
"timestamp": "2021-01-04 15:54:14.707"
}