Sum of occurrences in multi line log comes in one second

Hi,
I'd like to create a counter that adds another value ("1" or "one") to an existing string. If in my log there are 3 lines with the occurrence of the word 'low', then each time I will increase the variable value '1'. The value of my variable should look like "111".

My log file look like this and comes in one second:

root: 192.168.1.10|unknown (66/tcp)|92567|Low|description|
root: 192.168.1.10|unknown (26/tcp)|92567|Low|description|
root: 192.168.1.10|unknown (56/tcp)|92567|Low|description|

my grok config:

grok {
match => ["message", "%{IPV4:host_ip}|%{DATA:protokol_port}|%{NUMBER:nessus_id}|%{WORD:threatlvl}|%{DATA:description}|"]
}

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.