Structuring Log Data




The eLearning is priced at $200.00 USD per participant.


Logs aren’t always the easiest things to read, but Elasticsearch can help with that. This course teaches you how to structure your unstructured data using an Elasticsearch ingest node.
Note: This course is a module of the Logging specialization.


Starting with a simple case of parsing a log file with a predefined parser, you will learn how to parse unstructured event data in hybrid cases using custom grok patterns. You will also learn how to handle and debug ingest errors along the way. After completing this course, you will be able to structure your log data however you want, regardless of its initial format.

Topics Covered

  • Structuring Unstructured Data
  • Extracting Fields
  • Combining Text Patterns with Grok
  • Advanced Grok Techniques
  • Hybrid Cases and Best Practices


2-3 hours


Software Developers and Engineers, Data Architects, System Administrators, DevOps




We recommend taking the following foundational courses (or having equivalent knowledge):


  • Stable internet connection
  • Mac, Linux, or Windows
  • Latest version of Chrome or Firefox (other browsers not supported)
  • Disable any ad blockers and restart your browser before class

Additional Information

Training Specializations

This course is a module of the Logging specialization. Find out how our focused Training Specializations can help you with your use case.

General Training Information

All training materials are provided via the Elastic training portal. Have training questions? Review our FAQ or email us.