Regex Parser

Regex parser parses a log field's value with a Regular Expression.

Example

Suppose we have following log event

Input
Input
{
"_message": "5.86.210.12 - zieme4647 5667 [19/06/2019:17:20:49 -0400] \"GET /embrace/supply-chains/dynamic/vertical\" 201 20574"
}

To apply regex parser on _message field, fill out function form. In this example, the regex pattern we want to use is:

(?P<host>[\w\.]+) - (?P<user>[\w]+) .* \[(?P<timestamp>.*)\]

Output event will look like following:

Output
Output
{
"_message": "5.86.210.12 - zieme4647 5667 [19/06/2019:17:20:49 -0400] \\\"GET /embrace/supply-chains/dynamic/vertical\\\" 201 20574",
"host": "5.86.210.12",
"timestamp": "19/06/2019:17:20:49 -0400",
"user": "zieme4647"
}