Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

XML Filter #4024

Closed
cameronattard opened this issue Jan 29, 2024 · 3 comments
Closed

XML Filter #4024

cameronattard opened this issue Jan 29, 2024 · 3 comments
Labels
enhancement New feature or request plugin - processor A plugin to manipulate data in the data prepper pipeline.
Milestone
v2.7

Comments

@cameronattard
Copy link

cameronattard commented Jan 29, 2024
edited

Is your feature request related to a problem? Please describe.

We want to be able to parse XML documents in log fields to make them more easily searchable in OpenSearch. This would mean we wouldn't have to rely on logging the field as a keyword and using expensive wildcard search queries to search for values within the document.

Describe the solution you'd like

Implement an XML filter, similar to what is available in Logstash - https://www.elastic.co/guide/en/logstash/current/plugins-filters-xml.html.
@dlvenable dlvenable added enhancement New feature or request plugin - processor A plugin to manipulate data in the data prepper pipeline. and removed untriaged labels Jan 30, 2024
@dlvenable
Copy link
Member

@cameronattard ,

This would be a useful feature. I understand that you'd like a new processor for parsing XML, correct? It sounds like you are performing a grok on a log line and then some part of that log has XML. Correct?

Perhaps something like the following:

processor:
- grok:
    match:
      log: [ '... %{GREEDYDATA:my_xml_key}' ]
- parse_xml:
    source: my_xml_key

@cameronattard
Copy link
Author

In our case we probably wouldn't even grok - the XML is usually in an existing field that's already been json-parsed.

@cameronattard cameronattard mentioned this issue Feb 22, 2024
Closed
@dlvenable dlvenable added this to the v2.7 milestone Mar 7, 2024
@dlvenable
Copy link
Member

Closed by #4191 and as a duplicate of #4165.

This was referenced Apr 1, 2024
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request plugin - processor A plugin to manipulate data in the data prepper pipeline.
Projects
Data Prepper Tracking Board
Status: Done
Milestone
v2.7
Development

No branches or pull requests
2 participants
@dlvenable @cameronattard