Interesting, thanks Lehuede. Will take a look. --Aarti
On Thu, Aug 30, 2018 at 5:59 PM, Lehuede sebastien <lehued...@gmail.com> wrote: > Hi, > > To parse my logs and reuse all my Grok pattern, i use the Java Grok API > directly in my DataStream. Please see : https://github.com/thekrakken/ > java-grok > > With that you should be able to get rid of the full Logstash piece and use > only the Grok part. > > Another solution, for example if you have logs/events in CEF Format, you > can just use 'split' in the flatmap function for example. > > Hope will help. > > Regards, > Sebastien. > -- Aarti Gupta <https://www.linkedin.com/company/qualys> Director, Engineering, Correlation aagu...@qualys.com T Qualys, Inc. – Blog <https://qualys.com/blog> | Community <https://community.qualys.com> | Twitter <https://twitter.com/qualys> <https://www.qualys.com/email-banner>
