Igesting Json logs into elastics search and using if-else condition
Tags:
json elasticsearch
#1
BR_606953
Hi Team,
I am trying to achieve ingesting json logs with nxlog community edition. Is that possible? And wanted to know if below condition can be achieved with nxlog config file?
if auth_spf == pass then insert Tag DMARC aligned True OR if auth_dkim == pass then insert Tag DMARC aligned True OR if auth_spf || auth_dkim == pass then insert Tag DMARC aligned True
TIA Blason R
#1
BR_606953
Hi Team,
I am trying to achieve ingesting json logs with nxlog community edition. Is that possible? And wanted to know if below condition can be achieved with nxlog config file?
if auth_spf == pass then insert Tag DMARC aligned True
OR
if auth_dkim == pass then insert Tag DMARC aligned True
OR
if auth_spf || auth_dkim == pass then insert Tag DMARC aligned True
TIA
Blason R
Hi Blason,
Of course, NXLog CE supports JSON, please take a look at the xm_json module description, it provides methods to deal with JSON format. Please note, that these capabilities are more powerful in the NXLog Enterprise Edition.
In case of statements, please refer to the statements section in NXLog Community Edition reference.
Good luck,
Rafal
