Note: same conf
is working by this command /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/app.conf
beats {
port => 5044
host => "localhost"
}
}
filter {
csv {
separator => ","
columns => [
"Machine_id",
"Time",
"CRCErrors_Current_Value",
"CRCErrors_Severity",
"CRCErrors_Min_Current_Value",
"CRCErrors_Max_Current_Value",
"DownlinkJitter_Current_Value",
"DownlinkJitter_Severity",
"DownlinkJitter_Warning.Threshold",
"DownlinkJitter_Critical.Threshold",
"DownlinkJitter_Min_Current_Value",
"DownlinkJitter_Max_Current_Value",
"DownlinkRSSI_Current_Value",
"DownlinkRSSI_Severity",
"DownlinkRSSI_Warning.Threshold",
"DownlinkRSSICritical.Threshold",
"DownlinkRSSI_Min_Current_Value",
"DownlinkRSSI_Max_Current_Value",
"DownlinkUtilization_Current_Value",
"DownlinkUtilization_Severity",
"DownlinkUtilization_Min_Current_Value",
"DownlinkUtilization_Max_Current_Value",
"Frequency_Current_Value",
"Frequency_Severity",
"Frequency_Min_Current_Value",
"Frequency_Max_Current_Value",
"Latency_Current_Value",
"Latency_Severity",
"Latency_Warning.Threshold",
"Latency_Critical.Threshold",
"Latency_Min_Current_Value",
"Latency_Max_Current_Value",
"PacketDrop_Current_Value",
"PacketDrop_Severity",
"PacketDrop_Warning.Threshold",
"PacketDrop_Critical.Threshold",
"PacketDrop_Min_Current_Value",
"PacketDrop_Max_Current_Value",
]
}
date {
match => [ "Time", "YYYY/MM/dd-HH:mm:ss", "YYYY/MM/dd-HH:mm:ss.S-SS " ]
target => "Time"
}
mutate {convert => ["CRCErrors_Current_Value","float"]}
mutate {convert => ["CRCErrors_Min_Current_Value","float"]}
mutate {convert => ["CRCErrors_Max_Current_Value","float"]}
mutate {convert => ["DownlinkJitter_Current_Value","float"]}
mutate {convert => ["DownlinkJitter_Warning.Threshold","float"]}
mutate {convert => ["DownlinkJitter_Critical.Threshold","float"]}
mutate {convert => ["DownlinkJitter_Min_Current_Value","float"]}
mutate {convert => ["DownlinkJitter_Max_Current_Value","float"]}
mutate {convert => ["DownlinkRSSI_Current_Value","float"]}
mutate {convert => ["DownlinkRSSI_Warning.Threshold","float"]}
mutate {convert => ["DownlinkRSSI_Min_Current_Value","float"]}
mutate {convert => ["DownlinkRSSI_Max_Current_Value","float"]}
mutate {convert => ["DownlinkUtilization_Current_Value","float"]}
mutate {convert => ["DownlinkUtilization_Min_Current_Value","float"]}
mutate {convert => ["DownlinkUtilization_Max_Current_Value","float"]}
mutate {convert => ["Frequency_Current_Value","float"]}
mutate {convert => ["Frequency_Min_Current_Value","float"]}
mutate {convert => ["Frequency_Max_Current_Value","float"]}
mutate {convert => ["Latency_Current_Value","float"]}
mutate {convert => ["Latency_Warning.Threshold","float"]}
mutate {convert => ["Latency_Critical.Threshold","float"]}
mutate {convert => ["Latency_Min_Current_Value","float"]}
mutate {convert => ["Latency_Max_Current_Value","float"]}
}
output {
if [type] == "cpe9101"{
stdout { codec => rubydebug }
elasticsearch {
action => "index"
hosts => ["localhost:9200"]
index => "cpe9101-%{+YYYY.MM.dd}"
document_type => "cpe9101"
}
}
if [type] == "cpe9102"{
stdout { codec => rubydebug }
elasticsearch {
action => "index"
hosts => ["localhost:9200"]
index => "cpe9102-%{+YYYY.MM.dd}"
document_type => "cpe9101"
}
}
if [type] == "cpe9103"{
stdout { codec => rubydebug }
elasticsearch {
action => "index"
hosts => ["localhost:9200"]
index => "cpe9103-%{+YYYY.MM.dd}"
document_type => "cpe9101"
}
}
}