Hi, I would like if it is possible how to compare this value of two fields field1 : 123456XXXXXX1234 field2 : 1234567890001234 I mean i want to do if first 6 chars and last 4 chars of field1 are similar to field2 then add mutate or do something... Any help would be sincerely appreciate! Thanks…

You would need to extract those characters and then compare them. I have not tested this but perhaps grok { break_on_match => false match => { "[field1]" => "^(?<[@metadata][field1][start].{6}).*(?<[@metadata][field1][end]>.{4})$" "[field2]" => "^(?<[@metadata][field2][start…

Compare fields value

Elastic Stack Logstash

alex_vermex (alex vermex) August 5, 2022, 2:12pm 3

It works if these two fields in the same documents yes but in my case these two fields are not in the same document i created a new topic for this

Topic		Replies	Views
Compare two fields with different documents Logstash	6	650	September 2, 2022
Logstash - comparison 2 fields Logstash	3	595	January 11, 2022
Comparing Two similar fields in two grok patterns Logstash	1	259	May 19, 2020
Comparing fields from input Logstash	3	662	August 4, 2019
Logstash Comparing Field Values Using an If Statement not working Logstash	3	1431	November 6, 2020

Compare fields value

Related topics