How to read "true/false" values from a csv-file and parse them to bool datatype

magida · May 23, 2018, 11:56am

Hello,

I am currently in the midst of reading a bunch of logfiles in a csv-format using logstash. Now a problem that i've come across which i've tried to solve by myself but failed, is that that when a boolean value is read, E.g. "true", when indexed into elasticsearch it is typed as a string, but what i want is to make it a boolean to be used for aggregation etc.
The catch is that i can't just use convert or mutate, as i have no idea which columns may contain these "true/false" values. So i guess i have to use something akin to the numeric_detection to figure out if the value being read is actually a boolean or not, is this even possible?

Hope someone can help me out.

Badger · May 23, 2018, 1:52pm

    csv {}
    ruby {
        code => '
            event.to_hash.each do |k, v|
                if [ "true", "false" ].include? v.to_s.downcase
                    event.set(k, v.to_s.downcase == "true")
                end
            end
        '
    }

system · June 20, 2018, 1:52pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.