Optional additionalA container for additional, undeclared properties. This is a holder for any undeclared properties as specified with the 'additionalProperties' keyword in the OAS document.
Set of rules for the grok parser.
Optional isWhether or not the processor is enabled.
Optional nameName of the processor.
Optional samplesList of sample logs to test this grok parser.
Name of the log attribute to parse.
Type of logs grok parser.
Generated using TypeDoc
Create custom grok rules to parse the full message or a specific attribute of your raw event. For more information, see the parsing section.