Less than or equal not working logstash filter and crashing

Shaiju_Sam · September 16, 2021, 3:26pm

I tried with another pattern creating a field still issue is the same

input {
  beats {
    port => 5044
  }
}
filter
{
if [fields][logtype] == "Seal_Async_Logs"
{
grok {
   match => { "message" => ".*\[TIME\] Detecting content type for file took\: %{WORD:createdetectingcontentrt}"}
}
}
if [fields][logtype] == "Seal_Async_Logs" {
mutate {
   convert => { "createdetectingcontentrt" => "integer" }
}
}
if [fields][logtype] == "Seal_Async_Logs" and [createdetectingcontentrt] < 2000 {
mutate {
    add_field => { "responsetime" => "2secs" }
}
}
}

output {
    elasticsearch {
    hosts => ["http://xx.xx.xx.xx"]
    index => "seal-test-uat-%{+YYYY.MM}"
    ilm_enabled => false
}
}

Shaiju_Sam · September 17, 2021, 10:02am

Finally it worked after I added the field again using "and" for the same field

if [fields][logtype] == "Seal_Async_Logs" and ([createdetectingcontentrt] < 2000 and [createdetectingcontentrt] < 2000)  {
mutate {
    add_field => { "responsetime" => "2secs" }
}
}

system · October 15, 2021, 10:02am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
'less/greater than or equal to' forgotten? Logstash	3	6081	March 8, 2017
Comparing number in conditionnal event treatement Logstash	6	2471	March 30, 2020
IF less than value is not working Logstash	8	957	November 4, 2019
Logstash container shut down + error creating action from filter Logstash docker	2	372	June 29, 2022
Null error with greater-than comparison on an integer field Logstash	5	1366	September 12, 2019

Less than or equal not working logstash filter and crashing

Related topics