I have couple of different url patterns in my logs and I want to write a regex to extract different url patterns into a field and group the similar patterns together and display a chart . following are the sample url patterns i have in logs
search/anc/v1/item/country/China/sample/10
search/anc/v1/sample/list-sample
search/api/v1/samplelinks/country/china/state/10/Type/4
Following is the sample log event :-
1.10.137.68 1.10.17.12 - - [17/Ag/2018:7:8:34 +000] "POST search/anc/v1/item/country/China/sample/10 HTTP/1.1" 400 165 9 8
my current search query is as follows which is extracting all url from logs :-
search |rex "\s+\/(?uri_path\S+)" | chart count over uri_path by Date
↧