Aggregate logs when fields are common in events

saad · July 12, 2018, 1:41pm

How can I aggregate events in logstash whenever let say the sourceAddress, username and sitename fields are equal in events and be aggregated in one event

for example the events below:
10.40.1.10 - James - facebook.com
10.40.1.10 - James - google.com
10.40.1.12 - Katy - twitter.com
10.40.1.10 - James - facebook.com

system · August 9, 2018, 1:41pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to aggregate two events？ Logstash	1	318	September 30, 2019
Aggregating json events Logstash	2	346	November 19, 2018
How to join fields from multi events into single event? Logstash	5	4526	December 8, 2017
Logstash - Aggregate Sylsog events based on multiple Fields Logstash	2	1328	February 18, 2019
How to aggregate two events from log lines with no common pattern Logstash	6	662	March 22, 2019

Aggregate logs when fields are common in events

Related topics