Filter specific IP-Addresses



I got a Web-Interface where the User can add several IP-Addresses which are interested for him, the rest of the lines without that IP-Address should be removed from the log-file. I looked into grok and cidr filter but I am not sure if that is possible with them? Any ideas how to do that?


(Magnus B├Ąck) #2

Please explain the use case in greater detail. Are you starting Logstash based on actions taken in a web interface? Reading one input file and writing the filtered log entries to another file?

(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.