logstash 配置 if多分支语句

input { 
  file {
    start_position => "beginning"
    path => ["/tmp/haha.log"]
    type => "haha"
  }

  file {
    start_position => "beginning"
    path => ["/tmp/apps.log"]
    type => "apps"
  }
}  


filter {
   if [type] == "haha" {
      grok {
        patterns_dir => ["./baimei-patterns/"]
        match => {
          "message" => "welcome to %{SCHOOL:school} %{CLASS:class}, %{YEAR:year}"
        }
      }

   } else if [type] == "apps" {
       mutate {
          split => { "message" => "|" }
       }

       mutate {
         add_field => {
            user_id => "%{[message][1]}"
            action => "%{[message][2]}"
            svip => "%{[message][3]}"
            price => "%{[message][4]}"
         }
       }

       mutate {
         convert => {
           "user_id" => "integer"
           "svip" => "boolean"
           "price" => "float"
         }
       }

       mutate {
         rename => { "path" => "filepath" }
       }

       mutate {
         remove_field => [ "@version","message" ]
       }

  }
}



output { 
  if [type] == "haha" {
    elasticsearch {
      hosts => ["10.0.0.101:19200","10.0.0.102:19200","10.0.0.103:19200"]
      index => "baimei-if-haha-%{+yyyy.MM.dd}"
    } 
  } else if [type] == "apps" {
    elasticsearch {
      hosts => ["10.0.0.101:19200","10.0.0.102:19200","10.0.0.103:19200"]
      index => "baimei-if-apps-%{+yyyy.MM.dd}"
    } 
  }

  stdout {
    codec => rubydebug 
  } 
}