-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathlogstash-input-honeydb.conf
43 lines (39 loc) · 1.08 KB
/
logstash-input-honeydb.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# Example configuration file for the HoneyDB input plugin.
#
# Thie example configuration uses the HoneyDB input plugin to
# pull data from the HoneyDB API sensor data endpoint and
# inserts it into Elasticsearch using the Elasticsearch output plugin.
input {
honeydb {
# HoneyDB API ID.
api_id => ""
# HoneyDB API Secret Key.
secret_key => ""
# This value sets the time interval at which the API is polled.
# min value 300 (5 mins)
interval => 300
}
}
filter {
fingerprint {
source => ["[honeydb][date_time]", "[honeydb][event]", "[honeydb][service]", "[honeydb][data_hash]"]
target => "[@metadata][fingerprint]"
method => "MURMUR3"
concatenate_sources => true
}
mutate {
remove_field => ["[honeydb][date]", "[honeydb][time]", "[honeydb][millisecond]"]
}
date {
match => ["[honeydb][date_time]", "yyyy-MM-dd HH:mm:ss.SSS"]
}
}
output {
elasticsearch {
hosts => ["localhost:9200"]
index => "honeydb"
# To avoid duplicate records in Elastichsearch,
# set document id to fingerprint from the filter above.
document_id => "%{[@metadata][fingerprint]}"
}
}