Hi, Maybe asked before.... Some parsers extending the BasicParser use a patternMap which refer to the grok pattern. But what about missing values in the patternMap? Both the grok pattern files in hdfs need to be modified if absent, but also the patternMap in the code..... Or is there a dynamic way such as with GrokParser(s) that do not require recompilation?
In this case the grok pattern is already present but the tag is sent as 2 syslog severities from the device. Sincerely Pieter
