hi,
trying to omit messages with system filesystem type of cdrom.
My filter is as per below but seems to not work. They are still showing up in Kibana.
Any help would be appreciated.
thanks
filter {
if ([indexname] == "metricbeat-win" and [system.filesystem.type ] == "cdrom" )
{
drop { }
}
}
Question moved to #logstash
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.