Discuss the Elastic Stack

How to install plugin?

Elastic Stack Logstash

Smasell (Sergey) July 2, 2015, 12:05pm 1

Hi!!!
I'm absolutely new in Logstash. And I have a couple of questions:

I need to install this plugin https://github.com/logstash-plugins/logstash-filter-aggregate. Tell me please how can I do this?
My config file parses parameters like this:
grok {
match => [ "message", " id: %{INT:user-id:int};" ]
tag_on_failure => []
}
if [message] =~ /^Deauthorizing client / {
noop {
add_field => { "event" => "deauthorize" }
}
}
if [message] =~ /^Logged in / {
noop {
add_field => { "event" => "logged in" }
}
}
I want to add field with session length between "Logged in" and Deauthorizing client" in "Deauthorizing client" documents. All my logs use timestamp.
Can you help me with config file for this task?
Many thanks for helping me.

warkolm (Mark Walkom) July 2, 2015, 10:02pm 2

The docs have info on how to install plugins

© 2020. All Rights Reserved - Elasticsearch

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.