如何从LOGSTASH创建索引并映射到ES
[英]How to create Index and Mapping into ES from LOGSTASH
问题描述
I've been following this Tutorial for impport data from a DB into LOGSTASh and create a Idex and Mapping into Elastic Search INSERT INTO LOGSTASH SELECT DATA FROM DATABASE 
我一直在遵循此教程,将数据从数据库导入LOGSTASh并创建Idex并映射到Elastic Search 插入到LOGSTASH中,从数据库中选择数据
This is my OUTPUT based on my Configurations file: 这是基于我的配置文件的输出:
[2017-10-12T11:50:45,807][INFO ][logstash.modules.scaffold] Initializing module {:module_name=>"fb_apache", :directory=>"C:/Users/Bruno/Downloads/logstash-5.6.2/logstash-5.6.2/modules/fb_apache/configuration"}
[2017-10-12T11:50:45,812][INFO ][logstash.modules.scaffold] Initializing module {:module_name=>"netflow", :directory=>"C:/Users/Bruno/Downloads/logstash-5.6.2/logstash-5.6.2/modules/netflow/configuration"}
[2017-10-12T11:50:46,518][INFO ][logstash.outputs.elasticsearch] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[http://localhost:9200/]}}
[2017-10-12T11:50:46,521][INFO ][logstash.outputs.elasticsearch] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>http://localhost:9200/, :path=>"/"}
[2017-10-12T11:50:46,652][WARN ][logstash.outputs.elasticsearch] Restored connection to ES instance {:url=>"http://localhost:9200/"}
[2017-10-12T11:50:46,654][INFO ][logstash.outputs.elasticsearch] Using mapping template from {:path=>nil}
[2017-10-12T11:50:46,716][INFO ][logstash.outputs.elasticsearch] Attempting to install template {:manage_template=>{"template"=>"logstash-*", "version"=>50001, "settings"=>{"index.refresh_interval"=>"5s"}, "mappings"=>{"_default_"=>{"_all"=>{"enabled"=>true, "norms"=>false}, "dynamic_templates"=>[{"message_field"=>{"path_match"=>"message", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false}}}, {"string_fields"=>{"match"=>"*", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false, "fields"=>{"keyword"=>{"type"=>"keyword", "ignore_above"=>256}}}}}], "properties"=>{"@timestamp"=>{"type"=>"date", "include_in_all"=>false}, "@version"=>{"type"=>"keyword", "include_in_all"=>false}, "geoip"=>{"dynamic"=>true, "properties"=>{"ip"=>{"type"=>"ip"}, "location"=>{"type"=>"geo_point"}, "latitude"=>{"type"=>"half_float"}, "longitude"=>{"type"=>"half_float"}}}}}}}}
[2017-10-12T11:50:46,734][INFO ][logstash.outputs.elasticsearch] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["//localhost:9200"]}
[2017-10-12T11:50:46,749][INFO ][logstash.pipeline ] Starting pipeline {"id"=>"main", "pipeline.workers"=>4, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>5, "pipeline.max_inflight"=>500}
[2017-10-12T11:50:47,053][INFO ][logstash.pipeline ] Pipeline main started
[2017-10-12T11:50:47,196][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
[2017-10-12T11:50:47,817][INFO ][logstash.inputs.jdbc ] (0.130000s) SELECT * from EP_RDA_STRING
[2017-10-12T11:50:53,095][WARN ][logstash.agent ] stopping pipeline {:id=>"main"}
Everything seems OK, at least I think. 一切似乎都很好,至少在我看来。 Except the fact that querying the ES server to OUTPUT indexes and Mappings, I have it Empty. 除了将ES服务器查询到OUTPUT索引和映射的事实外,我都将其清空。
http://localhost:9200/_all/_mapping
{}
http://localhost:9200/_cat/indices?v
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
this is my File Config: 这是我的文件配置:
input {
jdbc {
# sqlserver jdbc connection string to our database, mydb
jdbc_connection_string => "jdbc:sqlserver://localhost:1433;databaseName=RDA; integratedSecurity=true;"
# The user we wish to execute our statement as
jdbc_user => ""
# The path to our downloaded jdbc driver
jdbc_driver_library => "C:\mypath\sqljdbc_6.2\enu\mssql-jdbc-6.2.1.jre8.jar"
# The name of the driver class for Postgresql
jdbc_driver_class => "com.microsoft.sqlserver.jdbc.SQLServerDriver"
# our query
statement => "SELECT * from EP_RDA_STRING"
}
}
output {
elasticsearch {
index => "RDA"
document_type => "RDA_string_view"
document_id => "%{ndb_no}"
hosts => "localhost:9200"
}
}
1 个解决方案
解决方案1
0 2018-01-19 08:27:01
Which version of logstash are you using? 您正在使用哪个版本的logstash? What is the command that you are using to start the logstash? 您用来启动logstash的命令是什么? Make sure that the input and output blocks resemble the one that is given below 确保输入和输出块类似于下面给出的块
input {
beats {
port => "29600"
type => "weblogic-server"
}
}
filter {
}
output {
elasticsearch {
hosts => ["127.0.0.1:9200"]
index => "logstash-%{+YYYY.MM.dd}"
}
stdout { codec => rubydebug }
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
logstash无法在ES中创建索引 - logstash fails to create an index in ES
ELK logstash 无法在 ES 中创建索引 - ELK logstash cant create index in ES
使用Logstash从ES删除索引 - Using Logstash to delete an index from ES
logstash索引未将数据推送到ES - logstash index is not pushing data to ES
使用logstash将索引数据从一个ES索引复制到另一个ES索引 - Copy index data from one ES index to ES another using logstash
logstash输出到elasticsearch索引和映射 - logstash output to elasticsearch index and mapping
如何配置logstash创建弹性搜索索引? - How to configure logstash to create an elasticsearch index?
Python Elasticsearch:“es.index”和“es.indices.create”之间的索引映射不一致 - Python Elasticsearch : Index mapping inconsistencies between ‘es.index’ and ‘es.indices.create’
如何从ES查询中了解ES索引? - How to know the ES index from the ES query?
在logstash中创建季度索引 - create quarterly index in logstash
相关标签