Response : "timestamp":"2023-04-21T06:27:06.255+00:00","status":404,"error":"Not Found","path":"/logs"
Grok filter : (?<timestamp>%{TIMESTAMP_ISO8601})\s+%{NUMBER:response_code}\s+%{DATA:error}\s+%{DATA:path}
also treid : (?<timestamp>%{TIMESTAMP_ISO8601})\,+%{NUMBER:response_code}\,+%{DATA:error}\,+%{DATA:path}
I am facing issue to create filter for my response , Please suggest .
Try this,
"timestamp":"%{TIMESTAMP_ISO8601:timestamp}","status":%{NUMBER:status:int},"error":"%{DATA:error}","path":"%{DATA:path}"