I have a netflow data and netflow.protocol fileds there.
I would change value of that field. If value is 17, value should be "UDP", if value is 6, value should be "TCP", if 1 - "ICMP" etc. Can I do that from Kibana or I should do that by logstash mutate method?
Can I use scripted fields for that?
In ElastiFlow™ the translate filter is used for that... and many more things. Take a look...
1 Like
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.