Dan Hermann
GitHub
parent
068f605040
commit
c9be9963a8
|
|
@ -308,6 +308,33 @@ The above request will return a response body containing a key-value representat
|
|||
--------------------------------------------------
|
||||
// NOTCONSOLE
|
||||
|
||||
By default, the API returns patterns in the order they are read from disk. This
|
||||
sort order preserves groupings of related patterns. For example, all patterns
|
||||
related to parsing Linux syslog lines stay grouped together.
|
||||
|
||||
You can use the optional boolean `s` query parameter to sort returned patterns
|
||||
by key name instead.
|
||||
|
||||
[source,console]
|
||||
--------------------------------------------------
|
||||
GET _ingest/processor/grok?s
|
||||
--------------------------------------------------
|
||||
|
||||
The API returns the following response.
|
||||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
{
|
||||
"patterns" : {
|
||||
"BACULA_CAPACITY" : "%{INT}{1,3}(,%{INT}{3})*",
|
||||
"BACULA_DEVICE" : "%{USER}",
|
||||
"BACULA_DEVICEPATH" : "%{UNIXPATH}",
|
||||
...
|
||||
}
|
||||
--------------------------------------------------
|
||||
// NOTCONSOLE
|
||||
|
||||
|
||||
This can be useful to reference as the built-in patterns change across versions.
|
||||
|
||||
[[grok-watchdog]]
|
||||
|
|
|
|||
Loading…
Reference in New Issue