我正在尝试使用grep函数,但它不起作用,
这是错误:
Couldn't find any filter plugin named 'grep'. Are you sure this is correct?
Trying to load the grep filter plugin resulted in this error: no such file to
load -- logstash/filters/grep
这是我的文件logstash.conf
input {
stdin { }
file {
type => "FireWall"
path => "/var/log/test.txt"
start_position => 'beginning'
}
}
filter {
grep {
match =>["message",".* Morito .*"]
}
grok {
patterns_dir => "./patterns"
match => [
"message", "%{WORD:firstname} %{WORD:lastname} %{NUMBER:age}
]
}
}
output {
stdout { }
elastic search {
cluster => "logstash"
}
}
我该怎么办?
答案 0 :(得分:4)
grep {}被弃用以支持条件并删除{}:
if [message] =~ /regexp/ {
drop{}
}