This codec is useful for merging multiple lines of data with a single event. This codec comes in very handy when dealing with stack traces or single event information that is spread across multiple lines.

The sample usage of this codec plugin is shown in the following snippet:

input {
  file {
    path => "/var/log/access.log"
    codec => multiline {
      pattern => "^s "
      negate => false
      what => "previous"
    }
  }
}

The preceding multiline codec combines any line starting with a space with the previous line.