Index Pattern issue

Bakkali_Amine · February 28, 2018, 3:40pm

When I add an "if" in my output kibana don't know the pattern

pjanzen · February 28, 2018, 3:46pm

Hi,

I am sorry but this is to vague, could please explain what you are doing and what the expected result is?

Bakkali_Amine · February 28, 2018, 3:49pm

this is my output :
output {
if "ossec" in [tags] {
elasticsearch {
hosts => ["localhost:9200"]
index => "ossec-%{+YYYY.MM.dd}"
document_type => "ossec"
}
}
}
when i want to add the pattern ossec i can't

pjanzen · February 28, 2018, 4:14pm

Can you post received message? as in the input you get?

Bakkali_Amine · February 28, 2018, 4:19pm

How ?
this is my input :
input {
file {
path => "/var/ossec/logs/alerts/alerts.json"
codec => "json"
tags => ["ossec"]
}
}

system · March 28, 2018, 4:20pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash Config Issues Logstash	2	502	July 6, 2017
Help with initial Logstash configuration Logstash	9	2129	July 6, 2017
Kibana index pattern matching error Kibana	7	836	January 8, 2018
Filter help please! Logstash	7	284	May 16, 2019
Logstash Filter - Elasticserach Query Logstash	1	362	January 1, 2018

Index Pattern issue

Related topics