Class ObservabilityPipelineParseGrokProcessorRule

A Grok parsing rule used in the parse_grok processor. Each rule defines how to extract structured fields from a specific log field using Grok patterns.

Hierarchy

  • ObservabilityPipelineParseGrokProcessorRule

Constructors

constructor

Properties

additionalProperties? matchRules source supportRules?

Constructors

constructor

Properties

Optional additionalProperties

additionalProperties?: {
    [key: string]: any;
}

A container for additional, undeclared properties. This is a holder for any undeclared properties as specified with the 'additionalProperties' keyword in the OAS document.

Type declaration

  • [key: string]: any

matchRules

matchRules: ObservabilityPipelineParseGrokProcessorRuleMatchRule[]

A list of Grok parsing rules that define how to extract fields from the source field. Each rule must contain a name and a valid Grok pattern.

source

source: string

The name of the field in the log event to apply the Grok rules to.

Optional supportRules

supportRules?: ObservabilityPipelineParseGrokProcessorRuleSupportRule[]

A list of Grok helper rules that can be referenced by the parsing rules.

Settings

Member Visibility

Theme

Generated using TypeDoc