Linux technical support - [email protected]


logstash yum example

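filter {
  # Only process syslog events whose program field is "yum"
  if [program] == "yum" {
    grok {
      # Constructed sample messages this pattern is meant to parse:
      #   Installed: 1:example-pkg-1.0-1.el7.x86_64
      #   Updated: example-pkg-1.1-1.el7.x86_64
      # action           -> Installed / Updated / Erased
      # order_number     -> numeric prefix before the package name (the RPM epoch);
      #                     optional, so packages logged without one still match
      # application_name -> the rest of the line (package name-version-release.arch)
      match => [ "message", "%{WORD:action}: (?:%{NUMBER:order_number}:)?%{GREEDYDATA:application_name}" ]

      # Added only when the grok match succeeds
      add_tag => "installation"
    }
  }
}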
