I am able to capture some metrics in stdout from events in Logstash using the relevant plugin as follows:

In my filter file:

    if "somekeyword" in [tags] {
      # Count matching events; a metric event tagged "metric_somekeyword" is flushed every 60 seconds
      metrics {
        meter => "events_somekeyword"
        flush_interval => 60
        add_tag => "metric_somekeyword"
      }
    }

In my outputs file:

    if "metric_somekeyword" in [tags] {
      # Print only the flushed metric events, one formatted line each
      stdout {
        codec => line {
          format => "Time: %{+YYYY-MM-dd HH:mm:ss Z} | Metric: rate 1m | Client: SomeKeyword | Rate: %{[events_somekeyword][rate_1m]}"
        }
      }
    }

My question is how to translate the exact same operation / formatting in terms of Elasticsearch output so that the results are appropriately indexed in my Elasticsearch instance.