Event severity cisco for logstash


if [event][severity] == 7 - > does not work in a pipeline to create a new index with

do you have any idea how to make it work?

infra with filebeat -> logstash -> Elasticsearch

Can you post your configuration and possibly a data sample if you can?

I can't post sample data.
Finally, the decision was that we made a ticket to the editorial support.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.