Add field to the message in logstash

Hello,

I have the following config:

input {
udp {
host => "0.0.0.0"
port => 5544
type => "f5-logs"

   }

udp {
host => "0.0.0.0"
port => 514
type => "firewall-logs"
}

  }

I want to be able to add firewall IP that sends the messages to message body

Here is the json

{
"message" => "<188>May 06 2016 15:34:30: %ASA-4-106023: Deny tcp src Outside:xxxxxxxx/20126 dst DMZ:xxxxxxxx.183/80 by access-group "110" [0xe28ed867, 0xad5a89d]\n",
"@version" => "1",
"@timestamp" => "2016-05-06T22:34:30.894Z",
"type" => "firewall-logs",
"host" => "10.1.x.x"
}

How should filter look like

If that IP is not in the original message, there's no way to add it. The UDP input doesn't track that sort of thing.

in my output section, i append the host in the beginning of the message to add to kafka

      codec => plain {
        format => "%{host}%{message}"
        charset => "CP1252"
      }

So then I updated my grok filter to properly address it, when reading from kafka input. It's working for me