n***@public.gmane.org
2012-12-03 11:23:49 UTC
Hello,
I am collecting the following logs :
Nov 22 11:45:02 ...
Dec 3 11:45:02 ...
Depending on the date, I am sometimes getting one or two space between the
month and the monthday
My grok pattern for 1 space was : "%{MONTH}%{SPACE}%{MONTHDAY} .*"]
I have tried to add a custom pattern for matching one or two space :
SPACE \s*
ONEORTWOSPACE ((?:%{SPACE})|(?:(%{SPACE}%{SPACE})))
I have already tried to add / remove some () but my syntax seems to be
wrong as logstash doesn't start
Thanks for your help !
--
I am collecting the following logs :
Nov 22 11:45:02 ...
Dec 3 11:45:02 ...
Depending on the date, I am sometimes getting one or two space between the
month and the monthday
My grok pattern for 1 space was : "%{MONTH}%{SPACE}%{MONTHDAY} .*"]
I have tried to add a custom pattern for matching one or two space :
SPACE \s*
ONEORTWOSPACE ((?:%{SPACE})|(?:(%{SPACE}%{SPACE})))
I have already tried to add / remove some () but my syntax seems to be
wrong as logstash doesn't start
Thanks for your help !
--