Hi Community,
can you please advice me how to proceed with the following topic?
I am feeding unstructured logs from 3rd party application to the logstash via UDP feed. Logs are categorized by using grok script. For some log entries I don't want to keep the log itself (as the amount of the events is excessive and it is not practical to keep them) but instead I just want to create a per second or per minute counter for the occurrences of the log and store it in some variable.
I don't know how to make this counter and remove unnecessary logs.
Please help.
Best regards
Jarek1