Does anyone know of a plugin that would allow checking a field's value against the contents of a file? I'm looking to do a simple boolean check and if true have the capability to add a tag or field.
This would allow tagging of events to aid in filtering in or out on events. For example, assume you have a DNS log that has google.com in it. It would be helpful to check google.com against the Alexa top 1 million and if found tag the log with alexa. This would allow easy filtering of logs of interest by filtering out anything tagged with alexa.
I know you can do this with the ruby plugin but the performance is terrible as it would reload the file every time ruby is invoked. If there is a plugin that when loaded buffers the file contents in memory this would be incredibly fast and used for similar concepts.
Anyone know of an existing way to do this?