Hello everyone,
I was able to configure ELK cluster and grok for postfix, now I have a problem in finding information.
For every message sent I have 2 records similar to these
How can I do to have a single line with:
postfix_queueid, postfix_from, postfix_to, postfix_status
Thank you
Hello @zeliko79,
Your question doesn't seem to be related to Rally the Elasticsearch Benchmarking tool.
To get serve yourself and the community better, It would be best if you'd close the question here and re-open it under the Logstash category. Your logstash configuration would be helpful to include as well. Unless of course you are using the Elasticsearch Grok processor in which case the right category for this question would be Elasticsearch without Rally.
Dimitris
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.