Hello elastic forum
I am learning some logstash concepts in katacoda.com (actual company's mandatory trainings and I've choose logstash). I've completed a lot of 'hands-ons' so far.
The thing is that I reach a point where I don't understand what I should do on the following:
Try adding tag A if the data read is a.
a
b
a
c
d
Ensure that the input data is tagged with type as test , and write the output to the file output.txt in the path usr/share/logstash.
I've tried this but seems not help at all. lol
input {
stdin {
file {
path => "/usr/share/logstash/lefile.txt"
start_position => "beginning"
sincedb_path => "/dev/null"
tags => ["test"]
}
}
}
filter {
if "test" in [tags] {
grok {
match => { "message" => "%{GREEDYDATA:letter}" }
mutate { replace => { "letter" => "A" } }
}
}
}
output {
file {
message_format => "%{[time]} | %{[severity]} : /%{[thread]}/ %{[loggername]} (%{[sourcemethodname]}) - %{[message]}"
path => "/usr/share/logstash/output.txt"
}
}
Any advice would help me a lot. Thanks 