The syntax is incorrect. Usually this one is used to check if a string is in an array field like if "_grokparsefailure" in [tags]. In your case you can use regex as in Logstash if statement with regex example
The syntax is incorrect. Usually this one is used to check if a string is in an array field like if "_grokparsefailure" in [tags]. In your case you can use regex as in Logstash if statement with regex example
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.