All values become strings

Elastic Stack Logstash
1

Hi,

I have the following code, but the ruby code is not working for detecting numeric values. So all fields are strings:

input {
tcp {
host => "172.30.19.177"
port => 5000
type => syslog
}
udp {
port => 5000
type => syslog
}
}

filter {
if [type] == "syslog" {
mutate {
gsub => [
"message", "= ", '="" '
]
}
kv {
include_brackets => false
}
ruby {
code => "
event.to_hash.keys.each { |k|
if k.start_with?('cnt_')
event[k] = event[k].to_i
end
}
"
}
geoip {
source => "dst_ip"
}
}
}

output {
elasticsearch {
hosts => ["localhost:9200"]
}
}

2

Please show an example event that isn't processed correctly. Please show what it looks like using a stdout { codec => rubydebug } output.

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.