Initial commit: add .gitignore and README

logstash/pipeline/20_quorum.conf

@@ -0,0 +1,21 @@
+filter {
+  if [service_name] == "quorum" {
+    grok {
+      match => { "message" => "%{GREEDYDATA:level}\[%{MONTHNUM:monthnum}\-%{DATA:monthday}\|%{TIME:time}\] %{GREEDYDATA:message}" }
+      overwrite => [ "message" ]
+    }
+    mutate {
+        add_field => { 
+            "timestamp" => "%{monthnum} %{monthday} %{time}"
+        }
+    }
+    date {
+      match => [ "timestamp" , "MM dd HH:mm:ss.SSS", "MM dd HH:mm:ss.SSS", "ISO8601"]
+      remove_field => [ "timestamp" ]
+    }
+    mutate {
+        remove_field => [ "time" ,"month","monthday","year","timestamp"]
+    }
+  }
+}
+