Feature: Dissect processor #6925
Merged
Commits on May 29, 2018
-
Implement the Dissect Tokenizer from `logstash-input-dissect`[1] This tokenizer allows you to define patterns of strings and extract the relevant informations. It also permet to do some string manipulations when extracting the keys. Example tokenizer: ```yaml tokenizer: "%{at} - [%{machine}] %{code} - %{message}" message: "10/10/2017 - [wopr] 1 - oh fire fire!" result: at: "10/10/2017" machine: "wopr" code: "1" message: "of fire fire!" ``` ```yaml tokenizer: "%{?key} %{&key}" message: "hello world" result: hello: "world" ``` Example of configuration: ```yaml processors: - dissect: tokenizer: "%{key1} - %{key2}" field: "message" target_field: "extracted" ``` Dissect support a few more features: - Indirect field - Append - skip field - Greedy padding for CSV file [1]: https://github.com/logstash-plugins/logstash-filter-dissect
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.