Re: logstash config

[Gurvinder Singh]

This is the config we use for mesos logs

MESOSTIMESTAMP %{MONTHNUM}%{MONTHDAY} %{HOUR}:%{MINUTE}:%{SECOND}

MESOSLOG 
%{DATA:loglevel}%{MESOSTIMESTAMP:timestamp}\s+%{POSINT:pid}\s+%{NOTSPACE:class}:

in logstash config

if [type] == "mesos" {
    grok {
      patterns_dir => ["path to your patterns dir"]
      match        => ["message", "%{MESOSLOG}"]
    }
}

- Gurvinder
On 03/06/2015 03:40 AM, David J. Palaitis wrote:
> Anyone out there have a logstash config for Mesos log format they'd like
> to share? I'm finding the date format stubbornly difficult to map to
> timestamp.
>