Mutate under conditional statement is not working. any suggestion please

Hi,
Need some help please.

path => [ "/var/log/jbossas/domain/server1/server.log", "/var/log/jbossas/domain/server2/server.log"]

in filter portion i used the below to create a directory to write the log file to central logging server.

grok {
match => [
"path" , "/%{WORD:jboss_profile/}/"
]
}
if [jboss_profile] == "server1" {
mutate { add_field => { "appname" => "server1" } }
mutate { add_filed => { "profile_group" => "%{appname}"}
}
if [jboss_profile] == "server2" {
mutate { add_field => { "appname" => "server2 }}
mutate { add_filed => { "profile_group" => "%{appname}"}
}

Thanks

Is the grok filter successfully extracting a jboss_profile field?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.