Hi Team
I am using ELK stack 5.6.
My Logstash configuration is shown below:
# Pipeline: read local log files, index each event into Elasticsearch,
# and echo every event to the console for debugging.

input {
  # The glob picks up every file directly under /var/logs, so anything
  # Logstash can read in that directory is shipped. Narrow the pattern if
  # the directory also holds files that should not be indexed.
  # NOTE(review): the sample event in this post reports
  # path "/tmp/mito/logs/app.log", which this glob would not match.
  # Confirm this is the configuration that produced it.
  file {
    path => ["/var/logs/*"]
  }
}

output {
  # One index per day (gr-YYYY.MM.dd), written to the node on localhost.
  # No user/password or ssl settings are set in this block, so the
  # connection relies on the node being reachable only locally. TODO confirm.
  elasticsearch {
    hosts => ["localhost"]
    index => "gr-%{+YYYY.MM.dd}"
  }

  # Debug copy of each event on stdout. metadata => true also prints the
  # event's @metadata fields, so full event contents end up wherever
  # Logstash's stdout is captured.
  stdout {
    codec => rubydebug {
      metadata => true
    }
  }
}
The output is:
{
"_index": "gr-2019.01.02",
"_type": "doc",
"_id": "udoGDmgBaXGgpZCyj_eA",
"_version": 1,
"_score": null,
"host": "centos3",
"message": "Jan 2 03:26:12 localhost container_ELA_elasticsearch-server elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:59) ~[elasticsearch-5.6.3.jar:5.6.3]",
"@version": "1",
"@timestamp": "2019-01-02T10:05:36.967Z",
"path": "/tmp/mito/logs/app.log"
},
"fields": {
"@timestamp": [
"2019-01-02T10:05:36.967Z"
]
},
"sort": [
1546423536967
]
}
My requirement is to get the IP address instead of the host name in the "host" field of the above output. Please help me.