elasticsearch Logstash-grok mutate gsub用空字符串替换反斜杠的语法,elasticsearch,logstash,logstash-grok,logstash-jdbc,elasticsearch,Logstash,Logstash Grok,Logstash Jdbc" /> elasticsearch Logstash-grok mutate gsub用空字符串替换反斜杠的语法,elasticsearch,logstash,logstash-grok,logstash-jdbc,elasticsearch,Logstash,Logstash Grok,Logstash Jdbc" />
Fatal编程技术网
  • elasticsearch/
  • elasticsearch Logstash-grok mutate gsub用空字符串替换反斜杠的语法

elasticsearch Logstash-grok mutate gsub用空字符串替换反斜杠的语法

logstash

elasticsearch Logstash-grok mutate gsub用空字符串替换反斜杠的语法,elasticsearch,logstash,logstash-grok,logstash-jdbc,elasticsearch,Logstash,Logstash Grok,Logstash Jdbc,我对Oracle SQL语句和logstash“自动转义字符,如\和”的组合有问题 在SQL语句中,我定义了,即: to_char(milliseconds_to_date(m.originationtime),'yyyy-mm-dd\"T\"hh24:MI') 但在弹性搜索中,它保存为: “收到”:“2016-01-05\T\18:46” 我对Listag生成的值的范围有相同的问题: '{' || (select listagg('\"' || cd.name || '\"' || ':'|

我对Oracle SQL语句和logstash“自动转义字符,如\和”的组合有问题

在SQL语句中,我定义了,即:

to_char(milliseconds_to_date(m.originationtime),'yyyy-mm-dd\"T\"hh24:MI')
但在弹性搜索中,它保存为:

“收到”:“2016-01-05\T\18:46”

我对Listag生成的值的范围有相同的问题:

'{' || (select listagg('\"' || cd.name || '\"' || ':'|| '\"' || cd.DATAVALUE || '\"', ', ') within group (order by cd.oid) from customdata cd where cd.messageoid = m.oid) || '}' as MsgAtt
我得到的输出如下:

“msgatt”:“{\\\\”气旋融合区\\\\”:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\”AMIS\\\\\”, \\\“ToSystem\\”:\\\“FW\\”

我试图从中得到启发

但没有完全成功。时间戳已解析,但msgatt仍包含反斜杠

“msgatt”:“{”气旋融合区“:”AMIS“,”TO系统“:”FW“。。。 你知道怎么处理这件事吗

非常感谢,大家好,鲁多看起来像一个没有好的解决办法的人

filter { 
    mutate { 
        gsub => [
            "msgatt","[\\\\\\]", "",
            "received","[\\]", "",
            "delivered","[\\]", ""
        ] 
    }
}