reading the conf files of logstash i found in filter conf
grok {
match => { "message" => "Put\s*command\s*:\s+%{GREEDYDATA:command}" }
}
How does this filter work , i tried to search for GREEDYDATA but i couldn't understand
Asked
Active
Viewed 8,545 times
2
I'm V
- 43
- 1
- 4
1 Answers
3
GREEDYDATA means .* In grok patterns, which are a form of regular expression, a wildcard can be considered “greedy” when they expand to the most characters that it can based on the limits placed around it. So “foo.*baz” as a search on “foo bar baz foo bar baz” will return the entire string and not just the first hit. Your example will put everything matched by GREEDYDATA (.*) into the “command” variable.
jsbillings
- 24,006
- 6
- 56
- 58