How to search concatenated string in the message

Satya · August 14, 2018, 6:13am

HI,
In my logstash layer I am receiving the cf loggregator message in json format.
Example:
{ "name" : "abc", "address" : "bangalore}

If I want to search in my logstash grok filter, if "name":"abc" is present in the message then do some specific action.
Can you please tell how can we achieve this?

Here I want to check complete concatenated string: "name":"abc"

THanks in advance.

NerdSec · August 14, 2018, 11:13am

Hi Satya,

You could use a regex conditional.

https://www.elastic.co/guide/en/logstash/current/event-dependent-configuration.html#conditionals

system · September 11, 2018, 11:13am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to put condition based on certain string in [message]? Logstash	7	17744	May 8, 2018
If condition matching json with "in" Logstash	6	4141	July 17, 2017
Possible to search for the specific string in filter grook then concatenate to a pattern. TIA! Logstash	1	238	April 23, 2020
How to use conditional statement in Filter Logstash	5	2083	July 6, 2017
If Else in logstash filter Logstash	7	1729	November 3, 2020

How to search concatenated string in the message

Related topics