Type in logstash, logstash type

Type in logstash, logstash type
Types in logstash

• Array
• Boolean
• Bytes
• Codec
• Hash
• Number
• Password
• Path
• String

Array

An array can be a single string value or multiple values. If you specify the same setting multiple times, it appends to the array.
Example:

path => [ "/var/log/messages", "/var/log/*.log" ]path => "/data/mysql/mysql.log"

Boolean

Boolean, true, false
Example:

ssl_enable => true

Bytes

A bytes field is a string field that represents a valid unit of bytes. it is a convenient way to declare specific sizes in your plugin options. both SI (k m g t p e z y) and Binary (Ki Mi Gi Ti Pi Ei Zi Yi) units are supported. binary units are in base-1024 and SI units are in base-1000.

Codec

Format of Input and Output
A codec is the name of Logstash codec used to represent the data. Codecs can be used in both inputs and outputs.

Input codecs provide a convenient way to decode your data before it enters the input. output codecs provide a convenient way to encode your data before it leaves the output. using an input or output codec eliminates the need for a separate filter in your Logstash pipeline.

Example:

codec => "json"

Hash

A hash is a collection of key value pairs specified in the format "field1" => "value1 ".
Hash, key-value pair, enclosed by quotation marks.
Example:

match => {  "field1" => "value1"  "field2" => "value2"  ...}

Password

A password is a string with a single value that is not logged or printed.
Similar to string, not output.
Example:

my_password => "password"

Number

Numbers must be valid numeric values (floating point or integer ).
Example:

my_password => "password"

Path

A path is a string that represents a valid operating system path.
Is the system path

A path is a string that represents a valid operating system path.

String

A string must be a single character sequence. Note that string values are enclosed in quotes.
String, which can be enclosed in quotation marks.

name => "Hello world"

Specific can see the original: http://www.elastic.co/guide/en/logstash/current/configuration.html

After familiarizing yourself with these types, you can better understand other modules.
For example, the add_field of grok requires hash-type parameters, that is, the following format:

filter {  grok {    add_field => { "foo_%{somefield}" => "Hello world, from %{host}" }  }}

Postscript

Logstash is a good project with comprehensive documentation and video. It is worth learning.