Configure for AWS ALB/CLB Logs or Cloudfront

[dragosrosculete]

Hello,

How do I configure to process ALB/CLB logs
I am trying to use this as a sample config_logstash_http_input_ipv6.yml . I tried so many variation but I have no idea ...

webhook_text_bulk_separator: ","

imports:
- type: grok_patterns
  dir: ./patterns

    #grok_patterns:
    #- 'ELB_ACCESS_LOG'

metrics:
- type: counter
  name: ELB_REQUEST_LINE
  help: Total number of rejected recipients, partitioned by error message.
  match: '%{TIMESTAMP_ISO8601:timestamp} %{NOTSPACE:elb} %{IP:clientip}:%{INT:clientport:int} (?:(%{IP:backendip}:?:%{INT:backendport:int})|-) %{NUMBER:request_processing_time:float} %{NUMBER:backend_processing_time:fl
oat} %{NUMBER:response_processing_time:float} %{INT:response:int} %{INT:backend_response:int} %{INT:received_bytes:int} %{INT:bytes:int} %{ELB_REQUEST_LINE}'
  labels:
    error_message: '{{.message}}'