I would like to use Redis as a cache, look up key:value data to enrich messages in a mutate filter. An example would be IP:MAC association. The pipeline looks like:
Input from Redis -> Filter/Mutate with regex/grok, enrich with data looked up from Redis -> Output to ElasticSearch.
Any pointers? Write a custom filter?
There appears to be a filter for DNS lookup.
You'd have to DIY here.
A Redis filter could be written, or requested. There's already an elasticsearch filter.
—Aaron
JIRA is deprecated. A request to the Logstash team can be made at github.com/elastic/logstash
Just making a request does not mean it will become available soon. But making one may alert the community to the desire, and perhaps someone will write it before the Logstash team can.
Chances are you'll get what you want sooner if you write it yourself.
—Aaron
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.