For the below data, I want to route indexes based on two fields : EventType and Department. All departments have separate indexes for TRACE events and non-TRACE events.

When EventType is TRACE and department is Department1
Then event should go to index Department1_TRACE

All non-TRACE event types (WARN,ERROR) should go to respective Department Index.
Like, WARN/ERROR event for Department2 should go to Index Department2.

Please help me with configuration files.

<?xml version="1.0" encoding="UTF-8"?>
<addresses>
  <address>
  <LogTime>02/22/2014 07:15:49 AM</LogTime>
<EventType>TRACE</EventType>
<Department>Department1</Department>
    <name>Joe Tester</name>
    <street>Baker street 5</street>
  </address>
   <address>
  <LogTime>02/22/2014 08:15:49 AM</LogTime>
<EventType>Error</EventType>
<Department>Department2</Department>
    <name>Joe Tester</name>
    <street>Baker street 5</street>
       </address> 
   <address>
  <LogTime>02/22/2014 09:15:49 AM</LogTime>
<EventType>WARN</EventType>
<Department>Department3</Department>
    <name>Joe Tester</name>
    <street>Baker street 5</street>
      </address>
</addresses>

Thanks!