Handle request IDs with hyphens

[chef.git] / cookbooks / logstash / templates / default / logstash.conf.erb

diff --git a/cookbooks/logstash/templates/default/logstash.conf.erb b/cookbooks/logstash/templates/default/logstash.conf.erb
index 68c9fd9210d9b589c5f4a5b2b01b1b2714a3126e..7608e2b5b2555fd63a574cd5d0827c4ef56425f3 100644 (file)
--- a/cookbooks/logstash/templates/default/logstash.conf.erb
+++ b/cookbooks/logstash/templates/default/logstash.conf.erb
@@ -9,7 +9,7 @@ input {
 filter {
   if [type] == "apache" {
     grok {
-      match => [ "message", "%{COMBINEDAPACHELOG} %{NUMBER:duration:int}us %{WORD:request_id} %{NOTSPACE:ssl_protocol} %{NOTSPACE:ssl_cipher}" ]
+      match => [ "message", "%{COMBINEDAPACHELOG} %{NUMBER:duration:int}us %{NOTSPACE:request_id} %{NOTSPACE:ssl_protocol} %{NOTSPACE:ssl_cipher}" ]
     }
     date {
       match => [ "timestamp", "dd/MMM/yyyy:HH:mm:ss Z" ]
@@ -18,6 +18,9 @@ filter {
     json {
       source => "message"
     }
+    mutate {
+      remove_field => [ "message" ]
+    }
   }
 }