logstash eve_odd
ELK/logstash2020. 6. 17. 22:05
json file ==============================================================
{"num": 11}
{"num": 12}
{"num": 13}
{"num": 14}
{"num": 15}
{"num": 16}
ruby file ==============================================================
def register( params )
#empty
end
def filter( event )
remainder = event.get("remainder")
if remainder == 0
event.set("num_result", "even_number")
return [ event ]
else
event.set("num_result", "odd_number" )
return [ event ]
end
end
logstash conf ==============================================================
input {
file {
path => "/home/kimjh/Desktop/ruby_proj/stu_01.dir/1050.json"
codec => "json"
start_position => "beginning"
sincedb_path => "/dev/null"
}
}
filter {
ruby {
code => 'remainder = event.get("num")%2;
event.set("remainder", remainder)'
}
ruby {
path => "/home/kimjh/Desktop/ruby_proj/stu_01.dir/1050.rb"
}
mutate {
remove_field => ["@timestamp", "@version", "host", "path", "remainder"]
}
}
output {
stdout {
codec => rubydebug
}
}
결과 ==============================================================
'ELK > logstash' 카테고리의 다른 글
| logstash ruby 활용법 (0) | 2020.07.07 |
|---|---|
| logstash jdbc mssql output (0) | 2020.07.04 |
| logstash file json absolute path (0) | 2020.06.17 |
| logstash input-plugin (elasticsearch) (0) | 2020.05.12 |
| logstash plugin install (0) | 2020.04.15 |
