Hello everybody,
i would like to flag messages if they contain an exception. I receive messages from heterogenous inputs so unfortunately the messages dont always look the same, e.g.:
message1:
2018-09-27 10:00:02,673 [pool-2-thread-35] ERROR - Exception catched from synchronous execution of ProtocolDownloadOrder (id=906452)
message2:
2018-09-26 17:23:10,705 ERROR [JMSCCThreadPoolWorker-4] SYS - - - - Critical in JMS Connection Factory. Trying to reestablish connection.
I was wondering what is the best strategy (respectively to cpu usage) to flag the matching messages. At the moment i grok a common field (trimmed-message) and if this common field contains an exception i will flag. Another thing i would like to do is to check the exception against a white list (some exceptions dont need to be flagged).
Can anybody tell me if im running in the right direction or is there an easier way to achieve my goal?
Thanks in advance!
Cheers