Logstash multiple expressions in a single condition

capsno1 · March 8, 2017, 4:21pm

quick question:

Would this be the correct way to place multiple expressions in a single condition?

if [EMS_Identifier] == "monitor.globalStatus.nonCritical" and "disk" in [syslog_message] and "failed" in [syslog_message] {
mutate {
add_tag => ["RAID_Disk_FAILED"]
}
}

magnusbaeck · March 9, 2017, 6:52pm

Yes, that looks okay.

system · April 6, 2017, 6:52pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to add multiple conditions in single if statement if ((A==1) && (B==( 2 \|\| 3)) Logstash docker	4	713	January 14, 2020
Two if conditions in one line Logstash	3	10495	July 27, 2017
Logstash or condition in if statement Logstash	3	62558	January 31, 2017
Logstash if condition with multiple or's Logstash	1	326	January 25, 2019
Multiple if else problem in output in Logstash Logstash	7	7024	April 4, 2019

Logstash multiple expressions in a single condition

Related topics