Hello, could you please help me with reading environment variables set with exec plugin in logstash. Generally, my input looks like this:
input{
exec{
command=>
„export FILENAME=$(ls -Arst /path/to/file | tail -n 1);
unzip -p /path/to/file/$(ls -Arst /path/to/file | tail -n 1) folder\\\\file.json;
zip -d /path/to/file/$(ls -Arst /path/to/file | tail -n 1) folder\\\\file.json > /dev/null 2>/dev/null;”
Interval => 60
}
codec => json{charset => utf-16}
}
And thus, i unzip the json and print it to message. Since I can’t add anything to the output, not to spoil the json parsing, I would like to save the filename to environment variable and read it during the filtering.
I tried reading the variable few ways:
mutate{ add_field => { „my_field” => „${FILENAME}} }
or
ruby{ code => „str = ENV[‚FILENAME’]; event.set(„filename”,str.flatten)”}
But it returns the error, telling me that it couldn’t find the environment variable set.
Did any of You succeed in implementing such operation? I’d be grateful if anyone could help me in making such a parser.
I made few working parsers that adds the filename at the beggining of the output, but in that case, json input doesn’t work and i need to split the whole message with regex. It would be more elegant to do this in envvar.