6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"How to drop by filter input logs in logstash\",\"text\":\"

I want to filter my incoming messages. \\nI don`t want receive messages, which contains next regexp:

\\n\\n

\\\\*sshd\\\\*|\\\\*k8s_kube\\\\-proxy\\\\*|\\\\*k8s_kube\\\\-proxy\\\\*|worker|\\\\-proxy|k8s_influxdb|\\\\*sshd\\\\*|\\\\*k8s_kube\\\\-proxy\\\\*|\\\\*k8s_kube\\\\-proxy\\\\*|worker|\\\\-proxy|k8s_influxdb|200\\\\ POST|200\\\\ GET|GET\\\\ 200|GET\\\\ /status\\\\ HTTP/1\\\\.1\\n

\\n\\n

How to write logstash config properly?

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"August Gerro\"},\"upvoteCount\":1,\"answerCount\":1,\"acceptedAnswer\":null}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","logging",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/logging/1","children":"logging"}]}],["$","span","logstash",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/logstash/1","children":"logstash"}]}],["$","span","config",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/config/1","children":"config"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://i.sstatic.net/j960Z.jpg?s=256","alt":"August Gerro","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/2485904/august-gerro","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"August Gerro"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",103]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"How to drop by filter input logs in logstash"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

I want to filter my incoming messages. \nI don`t want receive messages, which contains next regexp:

\n\n

\\*sshd\\*|\\*k8s_kube\\-proxy\\*|\\*k8s_kube\\-proxy\\*|worker|\\-proxy|k8s_influxdb|\\*sshd\\*|\\*k8s_kube\\-proxy\\*|\\*k8s_kube\\-proxy\\*|worker|\\-proxy|k8s_influxdb|200\\ POST|200\\ GET|GET\\ 200|GET\\ /status\\ HTTP/1\\.1\n

\n\n

How to write logstash config properly?

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",1]}],["$","p",null,{"children":["Views: ",133]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",1,")"]}],[["$","div","43080210",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://i.sstatic.net/JegPt.jpg?s=256","alt":"Alcanzar","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/2785358/alcanzar","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Alcanzar"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",17155]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

There is an if construct that takes a regular expression and a drop filter to get rid of events.

\n\n

Putting that together:

\n\n

filter {\n  if ([message] =~ /YOUR_REGEX_HERE/) {\n    drop {}\n  }\n}\n

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",1]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","56636385",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/56636385","className":"text-blue-600 hover:underline","children":"How to cumul filters with logstash?"}]}],["$","li","46342185",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/46342185","className":"text-blue-600 hover:underline","children":"logstash filter drop if headers is a specific value"}]}],["$","li","55104090",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/55104090","className":"text-blue-600 hover:underline","children":"How to apply sub-filter in logstash"}]}],["$","li","38068657",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/38068657","className":"text-blue-600 hover:underline","children":"Drop log messages containing a specific string"}]}],["$","li","45713953",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/45713953","className":"text-blue-600 hover:underline","children":"Logstash filter does not works on any logline"}]}],["$","li","39030646",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/39030646","className":"text-blue-600 hover:underline","children":"How to include the filter in Logstash config file?"}]}],["$","li","34905684",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/34905684","className":"text-blue-600 hover:underline","children":"Filtering messages out of logstash.conf"}]}],["$","li","30598286",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/30598286","className":"text-blue-600 hover:underline","children":"logstash drop filter only if included in list"}]}],["$","li","28962856",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/28962856","className":"text-blue-600 hover:underline","children":"Logstash - grok configuration filter"}]}],["$","li","24409119",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/24409119","className":"text-blue-600 hover:underline","children":"Logstash drop filter for event"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

How to drop by filter input logs in logstash

Answers (1)

Related Questions