ELB log file parsing

Follow
Avatar
Scott Ponder

I have created a collector for my elb logs and used the text AWS_ELB for the source category.  My assumption is that it will then parse the incoming messages allowing me to access columns relating to requestProc, cli_Response and ba_Response.  Just searching on * doesn't appear to show those columns. 

 

Thanks for your time

0

Comments

1 comment

Sort by Date Votes
  • Avatar
    Colin Corstorphine

    Hi Scott,

    Applying a source category for the logs will not automatically parse fields out of a message. However, you have a couple options available to meet the need:

    • Save a search that has the appropriate parse statement included.
    • Create a "Field Extraction" rule that will parse the fields upon ingest. This Beta feature will be available to all users shortly but if you are interested we can turn it on for you early and work on proper application.

    Please reach out to customer-success@sumologic.com for further assistance.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post