Hello,
I'm currently trying to use a Logstash filter to correlate logs before outputting the result into Elasticsearch.
I thought about using aggregate when the logs are in a good order like
a
b
c
into "abc".
But the problem is, in some cases, the logs are not in the right order:
a
a2
b
b2
c
c2
And I need both "abc" and "a2b2c2". I don't really know what kind of method I should use to treat those cases efficiently.
Thanks.