Hi
wondering if some one can help . We are ingesting some of the Linux Inventory in Elastic Search . One of the field is MAC address (00:50:56:a9:2c:51) .
We are looking for the if condition where if 4 charter of MAC address are 00:50 then we want to add the new field with Hardware = Virtual .
is there a way extract the value to using regex in Logstash .
regards
if [name-of-field] =~ /^00:50:/ {
mutate {
add_field => {
"Hardware" => "Virtual"
}
}
}
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.