Can filter set dictionary matching in logstash? (similar to GeoIP)

problem description

there is a requirement to get the accessed domain name / IP from the log and want to match the type and Chinese name of the website in filter.
the type and Chinese name of the website are stored in a database file, just like a dictionary, the fields that add the type and name of the site are left blank.

for example, if the domain name of the visited website collected from the log is: www.baidu.com, you can set the matching website database in filter, and the matching result is: website type: search category, site name: Baidu search, then add the field of "site type: search category, site name: Baidu search" in the field.

this requirement is very similar to GeoIP. Matching longitude, latitude, region, and other information from an IP address is also based on a database file.

Elk logstash elasticsearch kibana filebeat
Apr.07,2022

write your own filter plugin

or curve salvation
install rest filter
https://github.com/lucashenni...
store the data in the database, then develop an interface for rest, and the logstash plug-in reads the data of this interface

Previous: Mysql grouping statistics counts all the recharge amounts under each agent

Next: Flask-migrate always has a card owner when upgrading the database. What should I do?

css mysql arrays josn react html typescript webpack npm sass R objective-c .net sql-server jquery python-3.x angularjs django angular excel regex iphone ajax linux xml pandas vba spring database wordpress string wpf xcode windows bash postgresql oracle multithreading eclipse list firebase algorithm macos forms image scala visual-studio azure bootstrap spring-boot react-native python-2.7 docker performance function winforms matlab powershell apache dataframe api sqlite numpy rest shell selenium flutter dart maven loops qt swing android-studio csv express file class tensorflow sorting codeigniter perl
© 2021 CodesHelper
Advertising Contact us About us
Menu