Remove Specific Field matching pattern

Badger · March 22, 2023, 8:17pm

You could try

    ruby {
        init => '
            def doSomething(object, name, event)
#puts "Working on #{name}"
#Removed "if object" test since we need to process null valued fields
                    if object.kind_of?(Hash) and object != {}
                        object.each { |k, v| doSomething(v, "#{name}[#{k}]", event) }
                    elsif object.kind_of?(Array) and object != []
                        object.each_index { |i| doSomething(object[i], "#{name}[#{i}]", event) }
                    else
                        lastElement = name.gsub(/^.*\[/, "").gsub(/\]$/, "")
                        if lastElement =~ /^n1D/
                            event.remove(name)
                        end
                end
            end
        '
        code => '
            event.to_hash.each { |k, v|
                doSomething(v, "[#{k}]", event)
            }
        '
    }

Topic		Replies	Views
Logstash, remove all fields that contain a specific value Logstash	2	192	July 6, 2023
Event.remove not working Logstash	5	3261	June 29, 2018
Removing specific fields Logstash	2	300	May 28, 2018
How to remove fields with regex from json? Logstash	6	2626	January 16, 2018
How to remove subfield using pattern Logstash	3	446	September 28, 2018

Remove Specific Field matching pattern

Related topics