LOG: WARN | wrapper | 2019/06/14 03:25:53 | New Value wrapper.java.additional.2=-Dcom.datasweep.plantops.j2eevendor=WebSphere
GROK Pattern: %{LOGLEVEL:level:tag}%{SPACE}|%{SPACE}%{NOTSPACE:Component}%{SPACE}|%{SPACE}(?[0-9]{4}/[0-9]{2}/[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2})%{SPACE}|%{SPACE}%{GREEDYDATA:message}
Regular Expression: LOGFILE ?.?\S+)\s|\s*(?\b\w+\b)\s*|\s*(?[0-9]{4}/[0-9]{2}/[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2})\s*|\s*(?.*)
Please suggest me which Input plugin need to use.I use as below
[[inputs.tail]]
[[inputs.tail]]
files = [“C:/Rockwell/FTApplicationMonitoring/MonitoringServer/Pxxx/sos.log”]
##Read file from beginning.
from_beginning = true
Whether file is a named pipe
pipe = false
data_format = "influx"
grok_patterns= ["%{LOGLEVEL:level:tag}%{SPACE}\|%{SPACE}%{NOTSPACE:Component}%{SPACE}\|%{SPACE}(?<timestamp>[0-9]{4}/[0-9]{2}/[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2})%{SPACE}\|%{SPACE}%{GREEDYDATA:message}"]
need to elobrate something else.
name_override = "sos1_logs"
Here Telegraf is not at all running…
[[inputs.logparser]]
[[inputs.logparser]]
files = [“C:/Rockwell/FTApplicationMonitoring/MonitoringServer/Pxxx/sos.log”]
from_beginning = false
[inputs.logparser.grok]
#patterns = ["%{WORD}%{COMPONENT}%{CUSTOM_TIME}%{MESSAGE}"]
patterns = ["%{COMBINED_LOG_FORMAT}%{LOGLEVEL:level:tag}%{SPACE}\|%{SPACE}%{NOTSPACE:Component}%{SPACE}\|%{SPACE}(?<timestamp>[0-9]{4}/[0-9]{2}/[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2})%{SPACE}\|%{SPACE}%{GREEDYDATA:message}"]
## Name of the outputted measurement name.
measurement = "sos_logs"
Here also telegraf is not running and if i use CUSTOM_PATTERN then telegraf is running but the measurement will not creating in influxDB.
