Hello - Is there a way I can output the message in different files by @timestamp in logstash? These are all outputted in JSON Files.
I am very new to logstash and I am not quite sure on how to output it in multiple files by its different timestamp.
Actual output is this:
{
"@version": "1",
"@timestamp": "2020-03-14T02:36:25.441Z",
"message": "#Money Exchange Rate\r\n250\r\n#Date of Export\r\nWed Jan 20 09:40:12 2018\r\n#Current Exchange\r\nSGDUSD\r\n#MoneyCounter\r\n207 \r",
"tags": [
"multiline"
],
"host": "BD001A2A"
}{
"@version": "1",
"@timestamp": "2020-03-14T02:36:25.497Z",
"message": "#----- Start Task -----\r\n\r\n#Location\r\nOrchard Road\\Singapore\\01ACVB\\125\r\n#Counter ID\r\n7008\r",
"tags": [
"multiline"
],
"host": "BD001A2A"
}{
"@version": "1",
"@timestamp": "2020-03-14T02:37:02.809Z",
"message": "#----- Start Task -----\r\n\r\n#Location\r\nDotonburi\\Japan\\98CVBS\\112\r\n#Counter ID\r\n9001\r",
"tags": [
"multiline"
],
"host": "BD001A2A"
}
Expected output: (should have 3 outputs)
Output 1:
{
"@version": "1",
"@timestamp": "2020-03-14T02:36:25.441Z",
"message": "#Money Exchange Rate\r\n250\r\n#Date of Export\r\nWed Jan 20 09:40:12 2018\r\n#Current Exchange\r\nSGDUSD\r\n#MoneyCounter\r\n207 \r",
"tags": [
"multiline"
],
"host": "BD001A2A"
}
Output 2:
{
"@version": "1",
"@timestamp": "2020-03-14T02:36:25.497Z",
"message": "#----- Start Task -----\r\n\r\n#Location\r\nOrchard Road\\Singapore\\01ACVB\\125\r\n#Counter ID\r\n7008\r",
"tags": [
"multiline"
],
"host": "BD001A2A"
}
Output 3:
{
"@version": "1",
"@timestamp": "2020-03-14T02:37:02.809Z",
"message": "#----- Start Task -----\r\n\r\n#Location\r\nDotonburi\\Japan\\98CVBS\\112\r\n#Counter ID\r\n9001\r",
"tags": [
"multiline"
],
"host": "BD001A2A"
}