Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- input {
- beats {
- port => 5044
- }
- }
- filter {
- mutate {
- add_field => {"beatname" => "%{[@metadata][beat]}"}
- add_field => {"beattype" => "%{[@metadata][type]}"}
- }
- }
- filter {
- if [type] == "wineventlog" and [event_id] == 5156 {
- drop { }
- }
- }
- output {
- rabbitmq {
- exchange => "logstash"
- exchange_type => "direct"
- key => "logstash-key"
- host => "10.1.6.244"
- vhost => "ELK"
- workers => 12
- durable => true
- persistent => true
- port => 5677
- user => "logstash"
- password => "****"
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
