Grok add field and add tag not working

arunvijayam · July 14, 2017, 12:53am

filter {
mutate {
add_field => {
"message" => "%{global_stats},%{num_rows}"
}

remove_field => ["oldfield1", "oldfield"]

}

#}
grok {

#}
match => [ "message" , "^YES,[123456789]+$" ]
tag_on_failure => ["failed records"]
add_tag => ["parsed"]
}
#grok {

#}
}

magnusbaeck · July 14, 2017, 6:55am

Please format your configuration as preformatted text. There's a toolbar button for it.

Do you have more configuration than this? What does a line of input look like?

system · August 11, 2017, 6:55am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Working of add tag in multiline Logstash	2	977	July 6, 2017
Grok filter not working after add tags Logstash	3	872	September 20, 2017
Adding new fields from grok filter in logstash Logstash	1	544	November 20, 2018
Logstash not adding new field tag Logstash	3	302	December 4, 2020
Logstash Grok Filter _tags vs _fields Logstash	5	2165	March 17, 2017