1.7 KiB
1.7 KiB
| layout | title | parent | grand_parent | nav_order |
|---|---|---|---|---|
| default | grok | Processors | Configuring Data Prepper | 45 |
grok
Overview
Takes unstructured data and utilizes pattern matching to structure and extract important keys and make data more structured and queryable.
| Option | Required | Type | Description |
|---|---|---|---|
| match | No | Map | Specifies which keys to match specific patterns against. Default is an empty body. |
| keep_empty_captures | No | Boolean | Enables preserving null captures. Default value is false. |
| named_captures_only | No | Boolean | enables whether to keep only named captures. Default value is true. |
| break_on_match | No | Boolean | Specifies whether to match all patterns or stop once the first successful match is found. Default is true. |
| keys_to_overwrite | No | List | Specifies which existing keys are to be overwritten if there is a capture with the same key value. Default is []. |
| pattern_definitions | No | Map | Allows for custom pattern use inline. Default value is an empty body. |
| patterns_directories | No | List | Specifies the path of directories that contain customer pattern files. Default value is an empty list. |
| pattern_files_glob | No | String | Specifies which pattern files to use from the directories specified for pattern_directories. Default is *. |
| target_key | No | String | Specifies a parent level key to store all captures. Default value is null. |
| timeout_millis | No | Integer | Maximum amount of time that should take place for the matching. Setting to 0 disables the timeout. Default value is 30,000. |