iamhowardtheduck/LogstashMathPluginInstall.sh

Last active April 26, 2020 16:53

Star 0 You must be signed in to star a gist
Fork 0 You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/iamhowardtheduck/c07bcf2aa93a74f4498d75a8799a23c3.js"></script>
Save iamhowardtheduck/c07bcf2aa93a74f4498d75a8799a23c3 to your computer and use it in GitHub Desktop.

Download ZIP

Logstash Math Filter Plugin Install

Raw

LogstashMathPluginInstall.sh

git clone https://github.com/robin13/logstash-filter-math.git && cd logstash-filter-math/ && yum install gem* -y && gem build logstash-filter-math.gemspec && /usr/share/logstash/bin/logstash-plugin install --no-verify && /usr/share/logstash/bin/logstash-plugin install logstash-filter-math &&  service logstash restart

Author

iamhowardtheduck commented Apr 26, 2020

Example of the filter in action: (note the field listed in Discover is "Countries.TotalConfirmed")

math { calculate => [
[ "sub", "[Countries][TotalConfirmed]", "[Countries][NewConfirmed]", "[Countries][PriorConfirmed]" ],
[ "div", "[Countries][PriorConfirmed]", "[Countries][NewConfirmed]", "[Countries][PercentChanged]" ]]
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment