Hi,
when using logstash for pushing apache logs into elasticsearch, very close to the example config in logstash docs:
filter {
mutate {
replace => { type => "apache_access" }
}
grok {
match => { "message" => "%{COMBINEDAPACHELOG}" }
}
date {
match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
}
useragent {
source => "agent"
target => "useragent"
}
}
Now, in elasticsearch the results are keys like "request", "host", "auth" etc.
How to namespacing the output, e.g. like the pipeline naming?
mypipelinename.request
mypipelinename.host
mypipelinename.auth
.... you got the idea.
It would be as more handy and useful as now, don't you think so? Couldn't find anythin in docs yet