GrokConstructor is a helper for testing and incremental construction of regular expressions for the grok filter that parses logfile lines for Logstash .
Logstash , part of the ELK-Stack , is a tool to collect log files from various sources, parse them into a JSON format and put them into one or more databases, index engines and so forth - often elasticsearch . In the simplest case you can slurp log files from the filesystem, parse them using grok - a collection of named regular expressions - and put them into the integrated elastic search engine with a simple web frontend to search them. In my experience the hardest part is to get the regular expressions fo
TLDR ? If you want to get started right now you can just use the main menu to go to the applications. There is a short explanation at the top, and you can call up a random example to try things out. If you want to know more beforehand, read on.