-
### Description
It should be possible to push a filter "through" DISSECT or GROK. Like so:
```
FROM foo
| DISSECT message "login failed %{user} at %{ip}"
| WHERE user == "nik9000"
```
Right now we …
-
When trying to get or set options for FilterGroup viewer that contains column filters, the filters are removed from the viewer.
```
let tv = grok.shell.addTableView(grok.data.demo.demog());
let f =…
-
```
I want to ignore events that match a specific grok pattern. Apparently, only
the 'grep' filter supports negation at the moment.
```
Original issue reported on code.google.com by `luke.mac...@gma…
-
```
const df = DG.DataFrame.fromCsv(
`id, val
1, 1
2, 2
3, 3
4, 4
5, 5
6, 6
7, 7
8, 8
`);
df.col('val').setTag('.default-filter', JSON.stringify({mi…
-
### Repository Feature
Core Repo - (rule management, validation, testing, lib, cicd, etc.)
### Problem Description
At the moment, when using ES|QL for writing detection rule queries, often we use a…
-
When I'm constructing a grok pattern, I often want to test it on multiple similar lines of log data, to ensure my pattern matches all of them. Currently Kibana's Grok Debugger applies the Grok Patter…
-
Running the specs fails for `logstash-core >= 2.2`
```
/tmp/logstash-filter-grok (git)-[master] % bundle exec rspec
Using Accessor#strict_set for specs
NoMethodError: undefined method `pattern_path' f…
-
Logstash version: 5.3.2
OS: CentOS Linux release 7.2.1511 (Core)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
A…
-
Hi,
thanks for providing this great boilerplate. I've just installed everything 2 days ago, regarding versions.
I've managed to forward syslogs from my log-aggregator to Kafka - and I'm able to…