hi im trying to port the answer given here [image] Checking Field Length Logstash I'm still relatively new to Logstash, and I'm looking to find a way to check the length of an error message within a filter. If the message exceeds a defined number of characters, I want to…

Count length of field / number of characters in a field and add the result into a new field

Eniqmatic (Lewis Barclay) November 22, 2018, 2:19pm 8

Can you try this:

filter {
   if [log_name] == "Microsoft-Windows-Sysmon/Operational" {
      ruby {
	     code => "event['processcreate'] = event['process_command_line'].length"
	  }   
   }
}

Change a Number Field Value

Topic		Replies	Views
Checking Field Length Logstash	8	8537	November 4, 2022
Ruby filter logstash (.length) Logstash	2	220	June 13, 2022
Elastic SQL: How to get length of a field? Elasticsearch	6	1680	November 14, 2020
Extract first 50 characters from message "body" into new field Logstash	5	2142	November 17, 2020
Field - Limit length Logstash	4	1475	July 25, 2017

Count length of field / number of characters in a field and add the result into a new field

Related Topics