logstash-grok中匹配模式的提取_Logstash_Logstash Grok

logstash-grok中匹配模式的提取

logstash

logstash-grok中匹配模式的提取,logstash,logstash-grok,Logstash,Logstash Grok,我有一份相当长的比赛陈述，比如 grok { patterns_dir => ["/etc/logstash/pattern"] match => ["message", "%{PATTERN_1}", "message", "%{PATTERN_2}", # ... many more following "message", "%{PA

我有一份相当长的比赛陈述，比如

    grok {
        patterns_dir => ["/etc/logstash/pattern"]
        match => ["message", "%{PATTERN_1}",
                  "message", "%{PATTERN_2}",
                 # ... many more following
                  "message", "%{PATTERN_N}"]
        tag_on_failure => []
        add_tag => [ "parsed" ]
    }

是否有方法将匹配模式的名称提取到新字段中，例如“match_pattern”：“pattern_1”

我尝试了命名模式：匹配=>[“消息”，“%{PATTERN_1:PATTERN_1}] 将消息字段复制到名为PATTERN_1的新字段。我需要的是指定匹配模式名称的给定字段。有什么想法吗