docker-mailserver/elk/16-amavis.conf
Thomas VIAL a97c8075ee Fixes #340 - amavis_duration is now a number and not a string anmymore (#341)
Fixes #340 - amavis_duration is now a number and not a string anymore
2016-09-30 13:54:50 +02:00

24 lines
613 B
Plaintext

filter {
# grok log lines by program name
if [program] == 'amavis' {
grok {
patterns_dir => "/etc/logstash/patterns.d"
match => [ "message", "%{AMAVIS}" ]
tag_on_failure => [ "_grok_amavis_nomatch" ]
add_tag => [ "_grok_amavis_success" ]
}
}
# Do some data type conversions
mutate {
convert => [
# list of integer fields
"amavis_size", "integer",
"amavis_duration", "integer",
# list of float fields
"amavis_hits", "float"
]
}
}