Hi People ,
I am pulling some stream of XML files from Kafka topic and trying to fetch one of the element of XML file through Logstash using XML filter plugin but unable to do so ; mentioning details below ;
XML block of stream :
<?xml v="1.0" enc="UF-8"?>
<\ns0:LogRequest xmlns:ns0="http://SOME/URL/SOME.xsd ">http://SOME/URL/SOME1.xsd ">
I want to fetch the value of "Timestamp" and save it as new field but unable to do so ,
Filter block of Logstash.conf :
filter {
mutate {
In output, new field "Timestamp" is getting added but value of same remain as %{mytime} i.e. static string .
KIndly help !!
P.S. : I am new to Xpath .
I think it's the namespace that's preventing this from working for you. I think the xml filter has an option for dealing with this. It was discussed here a few weeks ago.
I have appended the xml with "" at every line, as It was difficult to post normal xml here.
Select the text and click the </> button on the toolbar to format it as preformatted text that keeps the angle brackets.
Hi Magnus ,
are you talking about "namespaces" configuration ; i tried with following conf but the problem still persist ,
filter {
xml {http://SOME/URL/SOME.xsd "http://SOME/URL/SOME1.xsd "
mutate {
}
I also tried with remove_namespaces => "true" with same conf , but still getting the "time_stamp" => "%{mytime}" as output .
Could you kindly provide any link to the last similar question , where you have mentioned the solution for such issue .
Well, i resolved this issue by doing following steps ,
Removed the namespaces from Logstash processing ;
Updated the X-path for Timestamp element ( i missed the header element , earlier )
;
filter {
xml {
}
}
So , essentially the updated X-path was the solution.
Cheers,
system
March 29, 2017, 1:36pm
5
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.