Comments (3)
untergeek
commented on June 2, 2024
But I need help and I don't know where can I go.
The appropriate place for usage questions is https://discuss.elastic.co/c/logstash
Feel free to copy and paste the question there.
from logstash-filter-aggregate.
simpleuser99
commented on June 2, 2024
I post the question https://discuss.elastic.co/t/specific-grok-filter-for-multi-line-postgresql-log/56286
but I haven't help
from logstash-filter-aggregate.
simpleuser99
commented on June 2, 2024
After much effort, I made such a configuration:
filter {
grok {
match => [ "message", "%{SYSLOGTIMESTAMP:timestamp} %{SYSLOGHOST:logsource} %{SYSLOGPROG}: [%{INT:line}-%{INT:part_of_line}] %{GREEDYDATA:ostatok}" ]
}aggregate { task_id => "%{line}" code => "map['full_message'] ||= '' ; map['full_message'] += event['ostatok'] ; event['full_message'] ||= '' ; event['full_message'] = map['full_message']" }}
But I have next event on elasticsearch:
event 1: ...[137-1]...
event 2: ...[137-1] and [137-2]...
event 3: ...[2953-1]...
event 4: ...[3779-1]...
event 5: ...[138-1]...
event 6: ...[138-1] and [138-2]...
event 7: ...[3780-1]...
event 8: ...[139-1]...
event 9: ...[2954-1]...
event 10: ...[2954-1] and [2954-2]...
How I can clean my events from event 1: ...[137-1]..., event 5: ...[138-1]..., event 7: ...[2954-1]... ?
from logstash-filter-aggregate.
Related Issues (20)
- Documentation update for use case 4 HOT 9
- Error with aggregate_maps_path HOT 3
- multiple aggregate with different task_id confused HOT 2
- [@metadata][something] missing in aggregated event HOT 5
- Logstash filter Aggregate with multiple fields
- Need able to aggregate the inner structure HOT 6
- Logstash automatically loading the config file HOT 1
- [UPDATE QUERY] - pushes same data multiple times in nested array json HOT 8
- NoMethodError: undefined method `multi_filter' for nil:NilClass HOT 3
- Timeout values of one aggregate block affect another aggregate block (with different task_id pattern) HOT 4
- final flusher does not flush event when push_map_as_event_on_timeout used HOT 3
- how to split jdbc result and then migrating to nested array HOT 5
- testing aggregates => LogStash::ConfigurationError: Aggregate plugin: more than one filter which defines timeout options. But only defining once. HOT 3
- Pipeline crash if timeout_timestamp_field is missing from event HOT 3
- Pipeline crash when the aggregate maps is loaded from a file.aggregate
- logstash-filter-aggregate plugin is not merging two CDR (logs) into one index HOT 1
- Can't set timeout value based on event filed or metadata HOT 4
- How can i aggregate fix amount of events ? HOT 9
- Aggregate non ordered logs, array of value HOT 7
- aggregate nested not work HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from logstash-filter-aggregate.