使用Logstash grok过滤Kafka JSON消息
[英]Filter Kafka JSON messages with Logstash grok
问题描述
I try to filter kafka json messages only for Germany (DE). 
我尝试仅针对德国(DE)过滤kafka json消息。 To do that I have to write a grok expression. 为此,我必须编写一个grok表达式。 Can anyone help me in writing a grok pattern for this json? 谁能帮我为这个json编写grok模式吗?
{"table":"ORDERS","type":"I","payload":{"ID":"28112","COUNTRY":"DE","AMT":15.36}}
{"table":"ORDERS","type":"I","payload":{"ID":"28114","COUNTRY":"US","AMT":25.75}}
Sorry, that I'm new to these technologies. 抱歉,我是这些技术的新手。 Here is what my logstash.conf looks like: 这是我的logstash.conf的样子:
input {
kafka {topics => [ "test" ] auto_offset_reset => "earliest" }
}
filter {
grok {
match => { "message" => "?????????" }
if [message] =~ "*COUNTRY*DE*" {
drop{}
}
}
}
output { file { path => "./test.txt" } }
In the end I just wanna file with the Germany orders. 最后,我只想提交德国订单。 Hope to get some help, thanks! 希望得到一些帮助,谢谢!
1 个解决方案
解决方案1
0 2017-11-10 19:45:21
Do you need to use Logstash? 您需要使用Logstash吗? If not, I would suggest a simple KSQL statement 如果没有,我建议一个简单的KSQL语句
CREATE STREAM GERMAN_ORDERS AS SELECT * FROM ORDERS WHERE COUNTRY='DE';
This creates a Kafka topic that is streamed from the first, and has just the data that you want on it. 这将创建一个从第一个流式传输的Kafka主题,并且仅包含您想要的数据。 From the Kafka topic you can use Kafka Connect to land it to a file if you want that as part of your processing pipeline. 在Kafka主题中,如果您希望将其作为处理管道的一部分,则可以使用Kafka Connect将其放置到文件中。
Read an example of using KSQL here , and try it out here 阅读使用KSQL的例子在这里 ,并尝试一下这里
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.