Hi Team,
I have queries about Logstash on Docker and would really appreciate it if someone could help me with this.
- I have Logstash running as a Docker container and I need the output written in CSV format to the host server's /var/ partition, not in the Docker container.
- I did write an output for CSV, but the output file is getting generated in the Docker container.
- Plus, I need only certain fields in the output, not the entire message. How do I do that?
- As in, my messages contain src_ip, dst_ip port etc.; I just need src_ip to be extracted and am wondering if I could do this with Logstash.