Hi, I am a newbie in ELK.
I have Logstash reading from a json file.
What i am trying to do is that Logstash send the entire event to ES (it works) and just one field from json event to redis (it does not work).
It introduces always the entire event into reddis too.
Could anyone help me please?
Thank you a lot.
You'll have to make a copy of the event with the clone filter och delete all fields except one in the copy that should go to the redis output. Use conditionals to direct the Redis event to the redis output but not the elasticsearch output and vice versa.
Thank you a lot for your fast reponse.
Very useful information. J
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.