I am trying to find a way to filter out \r\n and \r\r\n from an array. After I split the results field I have an array with addional_info. Unfortunately there are several sources for this additional info and depending on the source it can have carraige returns line returns or tab in the data.
I need a way to replace these characters with a space so that I split will work. I need to do this obvously before the split. My issue is , it will usually work but sends a ton of error messages to the logs. I need a way to clean this up or tell logstash not to send the alerts to the logfile.
_type
_doc
additional.info
{"sysUpTime":"52 days, 0:28:11.00","iso.org.dod.internet.private.enterprises.11536.1.5.1.1":"Logs\padr.log","int_ev_type":"SNMP","iso.org.dod.internet.private.enterprises.11536.1.5.1.2":"","iso.org.dod.internet.private.enterprises.11536.1.5.1.3":"[02/07/2020 13:09:35.316122] :: GetPADRWorkingDirectory returned [D:\Program Files (x86)\PrivateArk\PADR\Conf] \r\n","snmpTrapOID":"iso.org.dod.internet.private.enterprises.11536.3.6.5000"}
bucket
10