How to do calculations in Logstash

Rakhshunda_Noorein_J · November 24, 2022, 1:23pm

Hello,
Please find my configuration file structure

input{
http_poller{
// here I have mentioned API url and authorisation
tags => ["tag1"]
}
http_poller{
// here I have mentioned API url and authorisation
tags => ["tag2"]
}
http_poller{
// here I have mentioned API url and authorisation
tags => ["tag3"]
}
}
filter { 
  mutate {
	remove_field => [ "[message]" ]
	remove_field => [ "[@version]" ]
	remove_field => [ "[@timestamp]" ]
	remove_field => [ "[event]" ]
  }

// I want to do calculations here... As for example for every http_poller I want to do like this..
if "tag1" in tags
{
find max(elements) in tag1
find min(element) in tag1
add_field=> calculatedfield = max - min/max;
}
if "tag2" in tags
{
find max(elements) in tag2
find min(element) in tag2
add_field=> calculatedfield = max - min/max;
}
if "tag3" in tags
{
find max(elements) in tag3
find min(element) in tag3
add_field=> calculatedfield = max - min/max;
}

}
output{
if "tag1" in tags
{
elasticsearch{
//elastic credentials and index name
}
}
if "tag2" in tags
{
elasticsearch{
//elastic credentials and index name
}
}
if "tag3" in tags
{
elasticsearch{
//elastic credentials and index name
}
}
}

I want to calculate the max and min of a field for every api in http_poller and add a field.
Please help me in this...

system · December 22, 2022, 1:23pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.