Logstash configuration for collecting OpenAM and OpenIDM logs
Following on to my previous posting , here is a logstash configuration that collects logs from both OpenAM and OpenIDM, and feeds them into elastic search: input { file { type => idmRecon start_position => beginning path => "/opt/openidm/audit/recon.csv" } file { type => idmActivity start_position => beginning path => "/opt/openidm/audit/activity.csv" } file { type => amAccess # start_position => beginning path => "/opt/openam/openam-config/openam/log/amAuthentication.*" } } filter { if [type] == "idmRecon" { csv { columns => [ "idX","action","actionId","ambiguousTargetObjectIds","entryType","message","reconciling","reconId", "rootActionId","situation","so