Hi, To parse my logs and reuse all my Grok pattern, i use the Java Grok API directly in my DataStream. Please see : https://github.com/thekrakken/java-grok
With that you should be able to get rid of the full Logstash piece and use only the Grok part. Another solution, for example if you have logs/events in CEF Format, you can just use 'split' in the flatmap function for example. Hope will help. Regards, Sebastien.
