Hi,
Im using Kibana 5.4.0
I have field netflow.ipv4_dst_addr. I want check this is private ỏ public ip.
Here is my script filed
def m = ^(?:10|127|172.(?:1[6-9]|2[0-9]|3[01])|192.168)..*$/.matcher(doc['netflow.ipv4_dst_addr'].value);
if ( m.matches() ) {
return "private"
} else {
return "public"
}
but kibana show compile error
Can u suggest me script field for this case ? And where is i can debug script field before put script to kibana?
Thanks
Can Anyone help me. thanks!
Since this seems to be a static pattern, why not add a field at ingest time? This is likely to perform and scale better than a scripted field.
Thank for reply.
I used grok filter for this. it solved
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
