Pattern matching in Logstash

Deepthi_V · August 3, 2017, 12:05am

Hi All,

I am calling Logstash using stdin like shown below:

/opt/logstash/bin/logstash agent -e 'input { file { path => "/home/dv/Desktop/log_output/input/**/*.log" codec => multiline { pattern => "^\s" what => "previous" } start_position => beginning ignore_older => 0 sincedb_path => "/dev/null" } }' -f /etc/logstash/conf.d/pipeline.conf

I am accessing the "path" in my configuration file and I want to check if the "path" contains words like "alerts","var" etc, so that different grok patterns get applied on it.

So far I have tried:

if [path] =~ "alerts"
if "alerts" in [path]

But it does not seem to work. Can anybody please help with this ASAP!

Thanks in advance.

Deepthi

magnusbaeck · August 3, 2017, 8:11am

Please use a stdout { codec => rubydebug } output to show us what your log entries look like. Preferably show us an example that contains "alerts".

Deepthi_V · August 3, 2017, 8:23am

Hello Magnus,

I was able to resolve this.

Thank you for your reply.

Regards,
Deepthi

prydeep · August 7, 2017, 2:28pm

Hey, Can you tell me how you fixed this issue? thanks

Deepthi_V · August 7, 2017, 7:03pm

It was a silly mistake from my side. I had removed the path field in the filter section but I was trying to access it in the output section. I just corrected that.

system · September 4, 2017, 7:03pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to apply different filters based on particular name of files without using Filebeat Logstash	5	864	July 16, 2019
Logstash if condition regex Logstash	5	6573	April 8, 2020
Matching log.file.path with Grok Logstash	2	1858	July 1, 2020
Specify a grok pattern to specific files? Logstash	5	353	September 12, 2019
Logstash: If message contains regex add field Logstash	1	7638	June 20, 2017

Pattern matching in Logstash

Related topics