如何将键值对(NOT INSIDE A Datastructure)从logstash插入redis

时间:2014-11-14 17:05:31

标签: logstash

我知道我可以将日志从logstash推送到redis,但是开箱即用,我认为redis中的日志只能被推送到像list这样的数据结构中。有没有办法将日志推入“key”,从logstash到redis的“值”格式..? 例如,如果logstash可以从其源

中提取消息(以json格式) 
{"blahKey":{"utcTimestamp":"2014-11-12T10:00","somefield":"ABC","somefield":"DEF","somefield":20,"pid":182,"somefield":256,"Stay":0},"blahValue":{"someVal":1,"someVal":0}}

但需要以下面的格式插入redis 

"ABC.DEF.20.182.256.0", {"someVal":1,"someVal":0}

1.我如何解析来自{"utcTimestamp":"2014-11-12T10:00","somefield":"ABC","somefield":"DEF","somefield":20,"pid":182,"somefield":256,"Stay":0} to "ABC.DEF.20.182.256.0"的传入消息 我需要使用grok过滤器,模式匹配......请帮助我开始这里

2.我是否设法以"ABC.DEF.20.182.256.0", {"someVal":1,"someVal":0}

的形式插入redis

1 个答案:

答案 0 :(得分:0)

您可以通过以下方式使用mutate插件及其gsub方法

mutate {
    gsub => [
        "fieldname", "regex for prefix clutter", "prefix character",
        "fieldname", "regex for delimeting clutter", "delimeter character",
        "fieldname", "regex for suffix clutter", "suffix character"
    ]
}
相关问题
最新问题