Apologies in advance for such basic questions. I am familiar with log aggregation tools and have used Graylog as a user (as well as other tools), but I’m not clear on where to start in defining how to consume non-standard log files.
I have a log file format that is specific to an application; the logs are text files where the lines conform to one of several formats depending on the content - occasionally they may span multiple lines.
To get started, I’m trying to find out how I first consume them, but then how I break them up, extract the timestamp etc., and depending on the “line type” I want to parse out different fields. I’m familiar with Regex and have several scripts that match different line types; could someone maybe give me some pointers on how to build the “consumer” rules, where to put them and how to test them?
A head start would be much appreciated!