Capture full line of log file

Dietmar_Schurr · November 26, 2025, 9:49am

Hello,

we try to send log entries from logfiles to opensearch with telegraf.

This works with this config:

[[inputs.file]]
alias = “graylog”
files = [“/var/log/graylog-server/server.log”]
file_tag = “server.log”
file_path_tag = “/var/log/graylog-server/server.log”

data_format = “grok”

grok_patterns = [‘%{TIMESTAMP_ISO8601:timestamp} %{LOGLEVEL:loglevel}%{SPACE}[%{NOTSPACE:process:string}]%{SPACE}%{GREEDYDATA:msg:string}’]
grok_timezone = “Europe/Berlin”

grok_multiline = true

The defined fields in the grok pattern show in opensearch, that’s fine.

In addition we want to have the full log messeage (the complete line) in opensearch. How can I achieve this?

Thanks in advance,

Dietmar

Topic		Replies	Views
Telegraf - inputs.logparser problems - Grok no match Telegraf influxdb , telegraf	7	5388	April 26, 2018
telegraf multiline log message and inputs.tail.multiline input plugin	0	1831	April 19, 2021
Telegraf Tail plugin - Multiline management telegraf , tail	1	1363	April 20, 2021
Why is data_format (grok) not happy? Telegraf telegraf , logging	7	165	August 5, 2024
Custom log parsing with latest Tail Plugin, GROK and InfluxDB (Grafana ready) Telegraf influxdb , telegraf	7	16126	July 3, 2020

Capture full line of log file

Related topics