Foreach message in logstash

Question

I need help, I want to compare 2 or more messages containce kv in logstash

examples :

first message : X < 10=5.4|9=14|36=V|3=9|49=360T_SEP|5=Good|220=p48

second messages : y1 > 8=pap4|10=495|37=d|34=7|49=SEP|220=p48 y2 > 8=pap4|10=495|34=d|34=7|49=SEP|220=p48

iteration 1 : I get two key : 5 and 220 iteration 2 : I check if y1 has not 5 and 220 from x equals 220 to y1 then set in y1 5.

Basically, I want retrieved in each message the key 220 which corresponds to 5

Any Suggestion please.

Answer 1

Unless things have really changed, logstash typically concerns itself with one event at a time. The elapsed filter is one of the only exception where it is considering prior events in the processing.

You could use ruby to create your own cache, or perhaps use the redis inputs and outputs to that effect, but I'd suggest changing the format of the original message to include the data you need.