I am exploring Graylog… I have a use case where I have log files (generated from multiple sources) available in my system. I need to parse them, and the log files have the following format:
Each log message is separated by ‘|’.
We have standardized the fields/columns for logged messages, but their order can change among different files. So we are maintaining the first line in each log file as a header, which is also separated with “|”.
There are a lot of options available but I am not sure which will work, so it will be helpful if I get guidance on how we can achieve this.
Note: Dashboarding will be done on the resultant fields.
Following is the sample log file content:
Date_Time|Log_Type|Module_Name|Activity_Performed|Activity_Status|Activity_Message|EndPoint_URL|Response_Code|Exception
2020-04-10 17:14:05|INFO|User Authentication|ogin|Success|Configuration /admin activity done: User login attempt with credentials has success|admin/login|200|
2020-04-10 17:14:06|INFO|User Authentication|Login|Success|Configuration /admin activity done: User login attempt with credentials has success|admin/login|200|
I am using Sidecar for collecting data using Filebeat.
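
One way to handle the header-defined column order described in this post, as an added example that is not part of the original post: a small Python pre-processor that treats each file's first line as the column names and emits one JSON object per record, keyed by field name, so downstream extraction does not depend on column position. The function names, the `_parse_error` and `_raw` keys and the two sample files are assumptions made for the illustration, and it assumes field values never contain a literal `|`.

```python
import json

def parse_pipe_log(lines):
    """Yield one dict per record, keyed by the names in the file's header line."""
    header = None
    for lineno, raw in enumerate(lines, start=1):
        line = raw.rstrip("\r\n")
        if not line.strip():
            continue                                  # skip blank lines
        cells = [c.strip() for c in line.split("|")]
        if header is None:
            header = cells                            # first non-empty line names the columns
            if len(set(header)) != len(header):
                raise ValueError("duplicate column name in header")
            continue
        if len(cells) != len(header):
            # Wrong field count: keep the raw line rather than guess the mapping.
            yield {"_parse_error": f"line {lineno}: expected {len(header)} "
                                   f"fields, got {len(cells)}", "_raw": line}
            continue
        yield dict(zip(header, cells))

def to_json_lines(lines):
    """Serialize every record as one JSON object per line, keys sorted."""
    return [json.dumps(rec, sort_keys=True) for rec in parse_pipe_log(lines)]

# Constructed samples: the same record with two different column orders.
MSG = "Configuration /admin activity done: User login attempt with credentials has success"
FILE_A = (
    "Date_Time|Log_Type|Module_Name|Activity_Performed|Activity_Status|"
    "Activity_Message|EndPoint_URL|Response_Code|Exception\n"
    f"2020-04-10 17:14:05|INFO|User Authentication|Login|Success|{MSG}|admin/login|200|\n"
)
FILE_B = (
    "Log_Type|Date_Time|Response_Code|Module_Name|Activity_Performed|"
    "Activity_Status|Activity_Message|EndPoint_URL|Exception\n"
    f"INFO|2020-04-10 17:14:05|200|User Authentication|Login|Success|{MSG}|admin/login|\n"
    "INFO|2020-04-10 17:14:06|200|truncated line\n"   # constructed malformed record
)

if __name__ == "__main__":
    for name, content in (("FILE_A", FILE_A), ("FILE_B", FILE_B)):
        print(name)
        for out in to_json_lines(content.splitlines()):
            print(" ", out)
```
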