When I add an "if" in my output kibana don't know the pattern
Hi,
I am sorry but this is to vague, could please explain what you are doing and what the expected result is?
this is my output :
output {
if "ossec" in [tags] {
elasticsearch {
hosts => ["localhost:9200"]
index => "ossec-%{+YYYY.MM.dd}"
document_type => "ossec"
}
}
}
when i want to add the pattern ossec i can't
Can you post received message? as in the input you get?
How ?
this is my input :
input {
file {
path => "/var/ossec/logs/alerts/alerts.json"
codec => "json"
tags => ["ossec"]
}
}
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.