Yep, this is spot on. Logstash + ES will do this.

Regards,
Mark Walkom
Infrastructure Engineer
Campaign Monitor
email: [email protected]
web: www.campaignmonitor.com

On 5 February 2014 21:47, David Pilato <[email protected]> wrote:
> Not sure I fully understand but I guess you should look at logstash:
> http://www.elasticsearch.org/overview/logstash/
>
> I think that with logstash you could extract from your line content you
> need, build a JSON and push it to elasticsearch.
>
> --
> *David Pilato* | *Technical Advocate* | *Elasticsearch.com*
> @dadoonet <https://twitter.com/dadoonet> |
> @elasticsearchfr <https://twitter.com/elasticsearchfr>
>
> On 5 February 2014 at 11:36:55, [email protected] ([email protected]) wrote:
>
> Example complete log is: <10> Jan 17, 2014 TestHost This test message is
> from src=IP1 to dest=IP2.
>
> The message part here is: This test message from src=IP1 to dest=IP2
>
> The requirement is to index based on the meta (such as src and dest) in
> the message.
>
> On Wednesday, February 5, 2014 3:25:00 PM UTC+5:30, [email protected]:
>>
>> Is it possible to create index on the content of a message?
>> If so how?
>>
> --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/e1d4d159-ec5d-405d-b598-cfb7b0190823%40googlegroups.com
> .
> For more options, visit https://groups.google.com/groups/opt_out.
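The extraction step suggested in the thread (pull `src` and `dest` out of the message and build a JSON document for indexing), sketched as an added example that is not part of the original emails and is not Logstash configuration. It is a Python stand-in for what a Logstash filter stage would do; reading `<10>` as a syslog PRI value, the output field names, and the sample IP addresses are assumptions made for illustration.

```python
import json
import re
from datetime import datetime

# Line layout taken from the sample in the thread:
#   <PRI> Mon DD, YYYY HOST free-text message containing key=value pairs
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>\s+"
    r"(?P<date>[A-Z][a-z]{2} \d{1,2}, \d{4})\s+"
    r"(?P<host>\S+)\s+"
    r"(?P<message>.*)$"
)
# key=value tokens inside the message; a value ends at the next whitespace.
KV_RE = re.compile(r"\b(?P<key>[A-Za-z_]\w*)=(?P<value>\S+)")


def parse_line(line):
    """Return a dict ready to be indexed, or None if the line does not match."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    pri = int(m.group("pri"))  # assumption: <10> is a syslog PRI value
    doc = {
        "@timestamp": datetime.strptime(m.group("date"), "%b %d, %Y").date().isoformat(),
        "host": m.group("host"),
        "facility": pri >> 3,  # PRI = facility * 8 + severity
        "severity": pri & 7,
        "message": m.group("message"),
    }
    for kv in KV_RE.finditer(doc["message"]):
        key = kv.group("key")
        # Sentence punctuation after the last pair ("dest=IP2.") is not part of the value.
        value = kv.group("value").rstrip(".,;")
        # A pair inside free text must never overwrite a parsed header field
        # such as "host", since the message body may be influenced by a sender.
        if key not in doc:
            doc[key] = value
    return doc


# Constructed sample: the line from the thread with documentation-range IPs substituted.
SAMPLE = "<10> Jan 17, 2014 TestHost This test message is from src=192.0.2.10 to dest=198.51.100.7."

if __name__ == "__main__":
    print(json.dumps(parse_line(SAMPLE), indent=2, sort_keys=True))
```

Once `src` and `dest` are separate fields in the indexed document, they can be queried and aggregated directly instead of being searched as substrings of `message`.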
