Hello,
I was wondering if it is possible to set a named capture group as metadata rather then a field sent to Elastic?
I'm parsing some data that has these permutations for the same field:
1m 125s 345ms
125s 345ms
345ms
For this I have the following regex:
(?<checkpoint_m_duration>[0-9?]*m)? ?(?<checkpoint_s_duration>[0-9?]*s)? ?(?<checkpoint_ms_duration>[0-9]*ms)?
That give me three fields that I need to strip out the characters (m, s, ms) and then add up. I don't need these three fields (checkpoint_m_duration, checkpoint_s_duration, checkpoint_ms_duration) sent to Elastic and wanted them as metadata so I can process.