How to read "true/false" values from a csv-file and parse them to bool datatype

magida · May 23, 2018, 11:56am

Hello,

I am currently in the midst of reading a bunch of logfiles in a csv-format using logstash. Now a problem that i've come across which i've tried to solve by myself but failed, is that that when a boolean value is read, E.g. "true", when indexed into elasticsearch it is typed as a string, but what i want is to make it a boolean to be used for aggregation etc.
The catch is that i can't just use convert or mutate, as i have no idea which columns may contain these "true/false" values. So i guess i have to use something akin to the numeric_detection to figure out if the value being read is actually a boolean or not, is this even possible?

Hope someone can help me out.

Badger · May 23, 2018, 1:52pm

    csv {}
    ruby {
        code => '
            event.to_hash.each do |k, v|
                if [ "true", "false" ].include? v.to_s.downcase
                    event.set(k, v.to_s.downcase == "true")
                end
            end
        '
    }

system · June 20, 2018, 1:52pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash + Elasticsearch Boolean data 질문입니다 Logstash	7	464	July 24, 2019
How to convert a boolean value to string when ingesting with Logstash Logstash	4	1482	November 7, 2018
Issue when indexing booleans to elastic Elasticsearch	2	368	January 3, 2021
Comparing field values with value from external file without dictionary k/v? Logstash	3	579	March 4, 2020
Nested Field Different Data Types Logstash	3	295	June 8, 2018

How to read "true/false" values from a csv-file and parse them to bool datatype

Related topics