Hi Support,
We have more than 500 hundred network switches and we want to change the filed "type" to network.
I used following configuration but its not working.
if [host] == "10.100.250.*" { mutate { replace => { "type" => "Network" } } }
if [host] == "10.100.251.*" { mutate { replace => { "type" => "Network" } } }
Thanks,
Wildcard in logstash mutate filter
Wildcard in logstash mutate filter
Last edited by HASupport on Mon Jun 18, 2018 11:55 pm, edited 1 time in total.
Re: Wildcard in logstash mutate filter
Logstash uses the =~ operator to match regular expressions. See this page for more info:
https://www.elastic.co/guide/en/logstas ... ation.html
Try this:
Note that I have escaped the octet separators.
https://www.elastic.co/guide/en/logstas ... ation.html
Try this:
Code: Select all
if [host] =~ /10\.100\.250\..*/ { mutate { replace => { "type" => "Network" } } }
if [host] =~ /10\.100\.251\..*/ { mutate { replace => { "type" => "Network" } } }Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
Re: Wildcard in logstash mutate filter
Thanks for the assist, @mcapra!
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Wildcard in logstash mutate filter
Thanks @mcapra, I applied and it worked