Hello, dear. I raised the other day ELK in order to monitor certain parameters from the nginx log. I set up Grok, the data goes in the right format, Filestat sends data to Logstash. But I can not understand in which part of the stack I need to drive a regular session that will filter only logs with the necessary GET parameter, i.e. begin with strings of type / ABC and exclude strings in which there can be data of type / download / ABC. The regular form itself is the simplest, I understand that, but in Kiban I could not get it to look for data.

  • url: ^/ABC not working? - etki
  • Not. In my case, this is a request, but still no - Alexander Novikov

0