63 lines
1.8 KiB
Plaintext
63 lines
1.8 KiB
Plaintext
input { pipeline { address => "Simfony_IPAM_Monitoring" } }
|
|
|
|
filter {
|
|
if "new" in [tags] {
|
|
csv {
|
|
autodetect_column_names => true
|
|
separator => ","
|
|
id => "New_commun_core"
|
|
}
|
|
} else if "old" in [tags] {
|
|
csv {
|
|
autodetect_column_names => true
|
|
separator => ","
|
|
id => "Old_commun_core"
|
|
}
|
|
}
|
|
|
|
mutate {
|
|
split => ["[host][name]", "."]
|
|
replace => ["[host][name]", "%{[host][name][0]}"]
|
|
rename => { "[host][name]" => "hostname" }
|
|
}
|
|
|
|
mutate {
|
|
remove_field => [ "[agent]" ]
|
|
remove_field => [ "[ecs][version]" ]
|
|
remove_field => [ "[host][architecture]" ]
|
|
remove_field => [ "[host][containerized]" ]
|
|
remove_field => [ "[host][hostname]" ]
|
|
remove_field => [ "[host][name]" ]
|
|
remove_field => [ "[host][id]" ]
|
|
remove_field => [ "[host][mac]" ]
|
|
remove_field => [ "[host][os][name]" ]
|
|
remove_field => [ "[host][os][codename]" ]
|
|
remove_field => [ "[host][os][family]" ]
|
|
remove_field => [ "[host][os][kernel]" ]
|
|
remove_field => [ "[host][os][platform]" ]
|
|
remove_field => [ "[host][os][version]" ]
|
|
remove_field => [ "[host][os][family]" ]
|
|
remove_field => [ "[host][os][kernel]" ]
|
|
remove_field => [ "[log][offset]"]
|
|
}
|
|
}
|
|
|
|
output {
|
|
if "old" in [tags] {
|
|
elasticsearch {
|
|
hosts => ["http://10.12.174.15:9200","http://10.12.174.16:9200","http://10.12.174.17:9200"]
|
|
user => "logstash_internal"
|
|
password => "vK54tBEFUZaKBVtwsmlHksbr07Rm8cTn"
|
|
index => "simfony-ipam-monitoring-old"
|
|
}
|
|
} else if "new" in [tags] {
|
|
elasticsearch {
|
|
hosts => ["http://10.12.174.15:9200","http://10.12.174.16:9200","http://10.12.174.17:9200"]
|
|
user => "logstash_internal"
|
|
password => "vK54tBEFUZaKBVtwsmlHksbr07Rm8cTn"
|
|
index => "simfony-ipam-monitoring-new"
|
|
}
|
|
}
|
|
}
|
|
|