Hello,
I'm trying to create a pipeline with logstash in order to "extract" a specific metric from Elasticsearch (window_cpu_time_total). Here is my pipeline:
input {
elasticsearch {
hosts => ["http://localhost:9200"]
index => "metricbeat-7.12.0-2021.04.29-000001"
query => '{"_source": ["@timestamp", "labels","prometheus"]}'
}
}
output {
elasticsearch {
hosts => ["http://localhost:9200"]
index => "{test3[beat]}[version]}"
}
}
I get something like that which is closer to what I want. Now I would like an additional filter where I get only the metrics "prometheus.metrics.windows_cpu_time_total" and not the other metrics.
{
"hits": {
"hits": [
{
{
"_source": {
"@timestamp": "2021-04-29T15:35:57.518Z",
"prometheus": {
"metrics": {
"windows_service_status": 0
},
"labels": {
"instance": "localhost:9182",
"name": "timebrokersvc",
"job": "prometheus",
"status": "lost comm"
}
}
}
},
{
"_source": {
"@timestamp": "2021-04-29T15:35:57.518Z",
"prometheus": {
"metrics": {
"windows_cpu_time_total": 29480.625
},
"labels": {
"mode": "idle",
"core": "0,0",
"instance": "localhost:9182",
"job": "prometheus"
}
}
}
}}]}}
Could someone help me with that ?
Thank you in advance