Aggregate data to month level from csv file

Elastic Stack Logstash
1

Hi All

I have a dataset in below form in the csv format

Order Date Amount
Order001 10-Jan-2018 10
Order001 11-Jan-2018 20
Order001 12-Jan-2018 30
Order001 13-Jan-2018 40
Order002 14-Jan-2018 50
Order002 15-Jan-2018 60
Order002 16-Jan-2018 70
Order003 2-Feb-2018 80
Order003 3-Feb-2018 90
Order003 4-Feb-2018 100
Order004 5-Feb-2018 20
Order004 6-Feb-2018 10
Order005 7-Feb-2018 10

I want expected output in the below form, which is data summed up at month level

Month Amount
Jan-18 280
Feb-18 310

Since my dataset is in csv format, i am using following conf file, what filter plugin i should use to aggregate data at month level

input{
	file {
	      path => "/xyz.csv"
		  sincedb_path => "/xyz.txt"
          type => "data"
          start_position => "beginning"
      }
	} 
filter {
			
			csv {
			columns => ["Order","Date","Amount"]
			separator => ","
		}
		mutate {  
convert => { "Amount" => "integer"}
 }  
date { match => [ "Date", "dd-MMM-yyyy"] 
 target => "Date"} 

		
	} 
output {  
stdout { codec => rubydebug }  
		.......
		{  
			action => "index"   
			hosts => "https://localhost:xxxx"
			........
		}
}

Thanks!

2

It looks a lot like example 4 in the documentation for the aggregate filter.

    mutate {
        convert => { "Amount" => "integer"}
        gsub => [ "Date", ".*-([a-zA-Z]+)-20([0-9]+)", "\1-\2" ]
    }
    aggregate {
        task_id => "%{Date}"
        code => "
            map['Date'] = event.get('Date')
            map['sum'] ||= 0
            map['sum'] += event.get('Amount')
            event.cancel()
        "
        push_previous_map_as_event => true
        timeout => 3
    }
3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.