alias
(alias)
#1
HI,
I parse any logs. When I use the IP grok pattern, it create a IPV4 field.
In my grok pattern in the extractor input, I do %{IP:assetIp} but the extractor create two field : IPV4 and assetIP.
How to do for not display the base grok pattern field name ?
Thanks
jochen
(Jochen)
#2
Enable the “Named captures only” setting in the Grok extractor configuration.
alias
(alias)
#3
Oh thanks, I’ve not see this …
This topic can be closed
system
(system)
closed
#4
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
