Multiple patterns in one log

You could use multiple patterns for your grok filter, grok { match => [“fieldname”, “pattern1”, “pattern2”, …, “patternN”] } and they will be applied in order but a) it’s not the best option performance-wise and b) you probably want to treat different types of logs differently anyway, so I suggest you use conditionals based on … Read more