basicGrok.md 463 B

% This is generated by ESQL's AbstractFunctionTestCase. Do not edit it. See ../README.md for how to regenerate it.

```esql
ROW a = "2023-01-23T12:15:00.000Z 127.0.0.1 some.email@foo.com 42"
| GROK a """%{TIMESTAMP_ISO8601:date} %{IP:ip} %{EMAILADDRESS:email} %{NUMBER:num}"""
| KEEP date, ip, email, num
```

| date:keyword | ip:keyword | email:keyword | num:keyword |
| --- | --- | --- | --- |
| 2023-01-23T12:15:00.000Z | 127.0.0.1 | some.email@foo.com | 42 |