grok documentation¶

The grok documentation almost makes sense to me.

optional fields:¶

(stuff=%{WORD:value})?

notes

Navigation

databases
elastic stuff
kubernetes
OpenSSH
Operating Systems
OSSEC
rsyslogd
ssl
Stupid Unix Tricks
Tools
Vendor Stuff
misc

Related Topics

Documentation overview
- elastic stuff
  - logstash
    - filter
      - Previous: filter
      - Next: kv parser

Quick search

This information has a good chance of being wrong, inconsistent, out of date, or just bad. Use at your own risk. Feel free to notify me of any issues though.