fefore/log4net_filter

## log4net_filter
filter {
    if [type] == "log4net" {
        grok {
            match => [ "message", "%{TIMESTAMP_ISO8601:timestamp} \[%{NUMBER:threadid}\] %{WORD:level}\s*%{DATA:class} \[%{DATA:NDC}\]\s+-\s+%{GREEDYDATA:message}" ]
        }
        mutate {
            update => {
                "type" => "log4net-log"
            }
            remove_field => [
                "[beat][hostname]",
                "[beat][name]",
                "[beat][version]"
            ]
        }
    }
}
	filter {
	if [type] == "log4net" {
	grok {
	match => [ "message", "%{TIMESTAMP_ISO8601:timestamp} \[%{NUMBER:threadid}\] %{WORD:level}\s*%{DATA:class} \[%{DATA:NDC}\]\s+-\s+%{GREEDYDATA:message}" ]
	}
	mutate {
	update => {
	"type" => "log4net-log"
	}
	remove_field => [
	"[beat][hostname]",
	"[beat][name]",
	"[beat][version]"
	]
	}
	}
	}