Hi,
I'm experimenting with logstash and the snmptrap input.
The first problem I'm encountering is how to send them to elasticsearch
right now I'm using filebeat and icingabeat so, my elasticsearch output creates different indexes based on beat name.
snmptrap input doesn't work this way, how can I send traps to a specific index in elasticsearch?
I solved with something like this for now:
filter {
if [type] == "snmptrap" {
mutate {
add_field => { "[@metadata][beat]" => "%{type}" }
add_field => { "[@metadata][type]" => "%{type}" }
}
}
}This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.