Project

logstash-filter-rmf

0.0
No commit activity in last 3 years
No release in over 3 years
logstash-filter-rmfgraphie/logstash-filter-rmfHomepageDocumentationSource CodeBug TrackerWiki
This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
6,772
Stars
1
Forks
0
Watchers
1
 Releases
Current version
1.1.0
Total releases
4
First release
2018-05-12
Latest release
2018-05-12
 Development
Primary Language
Ruby
Licenses
Apache-2.0
Average date of last 50 commits
2018-05-10
Reverse Dependencies
0

 Dependencies

Development

logstash-devutils
>= 0

Runtime

logstash-core-plugin-api
~> 2.1
 Project Readme

logstash-filter-rmf

This is a Logstash filter plugin, that allows to remove not whitelisted fields

Usage

This plugin have only one field named "whitelist". As you can guess it stores array of strings, that represent allowed fields. All not specified fields, except for starting with _ (underscore) and @ (at) are deleted. Subfields can be indicated in two ways: by dots or square brackets (like in example below).

rmf {
  "whitelist" => ["[a][b][c]", "a.d"]
}

You can specify multiple subfields dividing them by | symbol and surrounding expression by optional square or round brackets. So you can create pretty complex combination of subfields like:

rmf {
  "whitelist" => ["[first][second|other_second]", "start.(second_start|other_second_start).end|other_end"]
}

With this snippet of code will be created following whitelist:

  • [first][second],
  • [first][other_second],
  • [start][second_start][end],
  • [start][other_second_start][other_end],
  • [start][second_start][end],
  • [start][other_second_start][other_end].

If this construction exists more then on one level, there will be each-with-each combination.