Import text file to logstash

quyennguyen · October 9, 2021, 5:41pm

I had some text files with formats like this.

10/09-22:09:34.989323 [**] [1:100000015:3] "OR SQL Injection Detected" [**] [Priority: 0] {TCP} 192.168.186.25:44748 -> 192.168.186.162:80 10/09-22:09:34.989323 [**] [1:100000015:3] "OR SQL Injection Detected" [**] [Priority: 0] {TCP} 192.168.186.25:44748 -> 192.168.186.162:80 10/09-22:09:34.994995 [**] [1:100000017:4] "Possible DDoS Attack" [**] [Priority: 0] {TCP} 192.168.186.25:44756 -> 192.168.186.162:80 10/09-22:09:34.995210 [**] [1:100000017:4] "Possible DDoS Attack" [**] [Priority: 0] {TCP} 192.168.186.25:44758 -> 192.168.186.162:80 10/09-22:09:34.995481 [**] [1:100000019:5] "Possible Brute Force Attack" [**] [Priority: 0] {TCP} 192.168.186.25:44756 -> 192.168.186.162:80 10/09-22:09:34.995481 [**] [1:100000015:3] "OR SQL Injection Detected" [**] [Priority: 0] {TCP} 192.168.186.25:44756 -> 192.168.186.162:80

I want to send this to logstash and use it in my kibana but I don't really know how to do that.

Anyone help me, please!

zx8086 · October 9, 2021, 6:45pm

You can use the Logstash Input - File

Then you can grok or dissect the data via these filters

and then you can send the filtered result to the Elasticsearch Output.

system · November 6, 2021, 6:46pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Import txt log data to cluster Logstash	4	393	June 18, 2018
Input file (json format) through logstash to elasticsearch Logstash	6	7762	December 17, 2018
Inject data from a log file Logstash	8	2847	December 26, 2017
Help importing text file split by \| Logstash	2	263	March 30, 2021
Logstash does not do anything with file input but starts successfully Logstash	5	481	April 9, 2019

Import text file to logstash

Related topics