forked from elastic/integrations
-
Notifications
You must be signed in to change notification settings - Fork 0
/
default.yml
72 lines (72 loc) · 1.91 KB
/
default.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
---
description: Pipeline for processing Ceph OSD Performance metrics.
processors:
- set:
field: ecs.version
value: 8.5.1
- set:
field: event.type
value: [info]
- set:
field: event.kind
value: metric
- set:
field: event.module
value: ceph
- rename:
field: message
target_field: event.original
ignore_missing: true
if: 'ctx.event?.original == null'
- json:
field: event.original
target_field: json
on_failure:
- append:
field: error.message
value: '{{{_ingest.on_failure_message}}}'
- rename:
field: json.id
target_field: ceph.osd_performance.osd_id
ignore_missing: true
- rename:
field: json.perf_stats.commit_latency_ms
target_field: ceph.osd_performance.latency.commit.ms
ignore_missing: true
- rename:
field: json.perf_stats.apply_latency_ms
target_field: ceph.osd_performance.latency.apply.ms
ignore_missing: true
- script:
description: Drops null/empty values recursively.
lang: painless
source: |
boolean drop(Object o) {
if (o == null || o == "") {
return true;
} else if (o instanceof Map) {
((Map) o).values().removeIf(v -> drop(v));
return (((Map) o).size() == 0);
} else if (o instanceof List) {
((List) o).removeIf(v -> drop(v));
return (((List) o).length == 0);
}
return false;
}
drop(ctx);
- remove:
field: event.original
if: "ctx.tags == null || !(ctx.tags.contains('preserve_original_event'))"
ignore_missing: true
- remove:
field:
- json
ignore_missing: true
on_failure:
- set:
field: error.message
value: "{{{_ingest.on_failure_message}}}"
- append:
field: event.kind
value: pipeline_error
allow_duplicates: false