I want to parse HAPROXY logs for specific domain(below: abc refers to abc.com) using logstash.This is the filter that i am trying to use inside logstash input:
input {
filter {
if [message] =~ "abc" {
grok {
match => ["message", .......
On the above config, i am specifying to filter logs with abc, however, this doesn't seems to be effective, when i see on ES index, I get to see logs parsed for all different domains along with abc.com, which I don't want.
I want logs only for specific domains(say abc.com to be indexed into ES) and ignore everything apart from
abc.com
Any help would be appreciated here.