Is there any Logstash filter available to process this king of log/s
input log for mat -
apple=1 | banana= 3 | mango=5
or
apple=1 | banana= 3 | mango=5 | tiger=7 | elepnat=1
output of filter will be as follows -
{
"apple": "1"
"banana": "3"
"banana": "5"
}
or
{
"apple": "1"
"banana": "3"
"banana": "5"
"tiger": "7"
"elepnat": "1"
}
Note: Number of keys & values in input log may vary randomly, ex. in 1st log there are 3, in last log there are 5
Yes, you can use the kv Logstash filter. Simply add this filter to your configuration:
filter {
...
kv {
source => "your_field"
field_split => "|"
value_split => "="
trim_key => "\s"
trim_value => "\s"
}
}