elapsed + aggregate passing custom fields in Logstash -


i using elapsed plugin calculate time , aggregate plugin display it. added custom fields elapsed filter can see below:

 add_field => {        "status" => "status"         "user" => "%{byuser}"     }

one static other 1 dynamic coming event. on output of logstash display static values not dynamic one..

it displays %{byuser} dynamic one. task id , status fields works fine , got right values.

any idea why?

little bit more code

elapsed {     unique_id_field => "assetid"     start_tag => "tag1:tag2"     end_tag => "tag3:tag4"     add_field => {        "wasinstatus" => "tag3"        "user" => "%{byuser}"     }     add_tag => ["customtag"]   }

grok input:

 grok {         match => [             "message", "%{timestamp_iso8601:timestamp} %{number:assetid} %{word:event}:%{word:event1} user:%{username:byuser}"]   if "customtag" in [tags] , "elapsed" in [tags] {     aggregate {       task_id => "%{assetid}"        code => "event.to_hash.merge!(map)"         map_action => "create_or_update"     }   }

problem connected with: elapsed filter:

new_event_on_match => true/false

change new_event_on_match false true in pipeline fixed issue.but still wonder why.


-

Comments

Post a Comment

Popular posts from this blog

serialization - Convert Any type in scala to Array[Byte] and back -

i have following question: i have variable value in program declared value. i want convert value byte array.. how can serialize byte array , back? found examples related other types such double or int, not any. this should need. it's pretty similar how 1 in java. import java.io.{bytearrayinputstream, bytearrayoutputstream, objectinputstream, objectoutputstream} object serialization extends app { def serialise(value: any): array[byte] = { val stream: bytearrayoutputstream = new bytearrayoutputstream() val oos = new objectoutputstream(stream) oos.writeobject(value) oos.close stream.tobytearray } def deserialise(bytes: array[byte]): = { val ois = new objectinputstream(new bytearrayinputstream(bytes)) val value = ois.readobject ois.close value } println(deserialise(serialise("my test"))) println(deserialise(serialise(list(1)))) println(deserialise(serialise(map(1 -> 2)))) println(deserialise(seri
Read more

matplotlib support failed in PyCharm on OSX -

any idea how fix ? how can debug might problem ? not seem : https://youtrack.jetbrains.com/issue/py-15520 i in console: python 2.6.9 (unknown, jul 14 2015, 19:46:31) [gcc 4.2.1 compatible apple llvm 6.0 (clang-600.0.39)] on darwin >>> import matplotlib.pyplot plt matplotlib support failed the backend : >>> import matplotlib >>> print(matplotlib.rcparams['backend']) macosx
Read more

python - Matplotlib: TypeError: 'AxesSubplot' object is not callable -

i new programming please pardon me if rookie mistake. i writing python script have defined functions create subplots of distributions. i have slider widget end user change value of variables(mu , sigma) , see effect on distribution. here's code import numpy np print np.__version__ import scipy print scipy.__version__ scipy.stats import norm, lognorm, uniform import matplotlib print matplotlib.__version__ import matplotlib.pyplot plt matplotlib.widgets import slider, button, radiobuttons, checkbuttons #####calculating mean , standard deviation##### global mu_a1 mu_a1 = 1 global mu_b1 mu_b1 = 10 global mu_c1 mu_c1 = -13 global sigma_a1 sigma_a1 = 0.14 global sigma_b1 sigma_b1 = 1.16 global sigma_c1 sigma_c1 = 2.87 mu_x01 = -11 sigma_x01 = 1.9 #####_____##### #####generating random data##### a1 = 0.75*mu_a1 + (1.25 - 0.75)*sigma_a1*np.random.sample(10000) b1 = 8*mu_b1 + (12 - 8)*sigma_b1*np.random.sample(10000) c1 = -12*mu_c1 + 2*sigma_c1*np.random.sample(10000)
Read more