input {
    file {
        path => "E:/ELK/appid_stats.log.txt"
        start_position => "beginning"
        sincedb_path => "NUL"
    }
}

filter {
    csv {
        separator => ","
        columns => [ 
            "timestamp", "app", "bytes_to_server", "bytes_to_client"
        ]
    }
    mutate {
        convert => { 
            "bytes_to_server" => "integer"
            "bytes_to_client" => "integer"
        }
    }
    date {
        match => [ "timestamp", "UNIX" ]
    }
}

output {
    elasticsearch {
        hosts => "http://localhost:9200"
        index => "logstash-snort3a"
    }
    stdout { }
}

