I'm using Logstash to ship logs to an Elasticsearch 5.1 instance and using Kibana 5.1 to show all the results.
How can I extract only the numbers from a known pattern string of the log, and then summarize all the numbers per minute?
For example, my log lines contain this text:
"Processing 53 records"
"Processing 45 records"
"Processing 97 records"
I want to create a field called processed_records, which gets the values 53, 45, 97 respectively, then I want to create another field called processed_records_sum, which contains the summary of processed_records per minute.
I'm new to ELK, so I don't know if I need to make a change in the Logstash conf file and/or Kibana.