So if i was looking to extract a bunch of data from a log entry like logstash i would probably be looking at creating pipelines? It seems extractors are good for grabbing single things from a log entry correct?
It depends. The Grok and JSON extractors are perfectly capable of creating more than one new message field.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.