input {
  stdin { }
}

filter {
  # Adjust the grok pattern according to the PostgreSQL log format
  # Example log format: "2024-07-30 10:20:30 UTC LOG:  statement: SELECT * FROM table"
  grok {
    match => { "message" => "%{TIMESTAMP_ISO8601:timestamp} %{GREEDYDATA:log_message}" }
  }

  # Optionally, parse and format the extracted timestamp field
  date {
    match => [ "timestamp", "ISO8601" ]
    target => "@timestamp"
    # Optional: specify timezone if needed
    # timezone => "UTC"
  }
}

output {
  stdout { codec => rubydebug }
}