Ping a Specific Port

Question

gspoosi

Asked: 2019-05-17 07:30:07 +0800 CST2019-05-17 07:30:07 +0800 CST 2019-05-17 07:30:07 +0800 CST

Parsing or Reformatting Logs before feeding them to Splunk or Elastic Search

772

I have very complex log messages, that I want to reduce to the most important fields in order to save quota.

The log messages are multiline and there is a lot of redundant information in them. A solution is to script something to reformat these logs into oneliners before feeding them to the splunk forwarders, but I would prefer to use an already existing solution. I thought about using something like logstash or fluentd, but they don't seem to really match my usecase.

Does anybody have experience with log parsing for Splunk or ELK and knows of a good utility do this?

Thanks & Best Regards!

1 Answers

Voted

RichG · Answer 1 · 2019-05-17T10:32:39+08:00

RichG

2019-05-17T10:32:39+08:002019-05-17T10:32:39+08:00

This is common when dealing with Windows event logs. Many address the problem by using SEDCMD in transforms.conf to edit the events.

Another solution is to pre-process the events with Cribl (https://www.cribl.io/).

2

Parsing or Reformatting Logs before feeding them to Splunk or Elastic Search

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?