How to give customize name to fields and loop through logs

vandana_sethi · August 2, 2016, 4:48am

I have a log pattern like this

OTHERS|5HUNVWW|5HUNVWW|1469784588193|1469784588193|

these pipe separated values represent a key so I want to create fields like

field1 =  OTHERS
field2 =  5HUNVWW

and so on . How can I achieve this ?

vandana_sethi · August 2, 2016, 6:01am

filter {
  ruby {
    code => '
      ids = event["message"].split("|")
      ids.each_index { |i| event["field#{i}"] = ids[i] }
      end
    '
  }
}

I achieve it using this can anyone tell what will be the best logic to give customize name not like field1 and field2 it should be like firstname , lastname schoolname etc

Christian_Dahlqvist · August 2, 2016, 6:45am

You should be able to use the csv filter for this type of data.

Topic		Replies	Views
Dynamic field names in logstash Logstash	6	4724	May 9, 2017
How to re-name field names in logstash Logstash	4	494	January 11, 2022
Changing field Name Logstash	2	296	December 9, 2019
Iteration in Logstash Logstash	5	14211	July 6, 2017
SOLVED: Grok + Dynamic field name Logstash	3	3212	July 6, 2017

How to give customize name to fields and loop through logs

Related topics