Tag: Logstash

  • Test Logstash Pipelines/Filters Before Implementation

    Use case: Detect whether the parsed logs contain a single warning message or multiple warning messages, then add a field indicating which case applies. Logstash configuration & testing: Suppose that we have the following log files representing both cases described above: Reading the logs, we can see that the field [waf][warnMsg] separates the warning messages using a semicolon (;) in the case of…