[英]Test logstash with elasticsearch as input and output
我已经用Elasticsearch配置了logstash作为输入和输出参数,如下所示:
输入
{
elasticsearch {
hosts => ["hostname" ]
index => 'indexname'
type => 'type'
user => 'username'
password => 'password'
docinfo => true
query => '{ "query": { "match": { "first_name": "mary" } }}'
}
}
输出
{
elasticsearch {
hosts => ["hostname" ]
index => 'indexname'
user => 'username'
password => 'password'
}
}
我的索引数据如下:
PUT person/person/3
{
"first_name" : "mary"
}
PUT person/person/4
{
"first_name" : "mary.m"
}
PUT person/person/5
{
"first_name" : "mary.k"
}
当我在ES上运行以下查询时
GET indexname/_search
{
"query": {
"match": {
"first_name": "mary"
}
}
}
它返回
{
"took": 1,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 1,
"max_score": 0.2876821,
"hits": [
{
"_index": "person",
"_type": "person",
"_id": "3",
"_score": 0.2876821,
"_source": {
"first_name": "mary"
}
}
]
}
}
尽管logstash管道已成功启动,但它并没有在ES中记录此查询,因为我在输入部分将查询用作“ match”:{“ first_name”:“ mary”}。
由于您的ES在HTTPS上运行,因此您需要将ssl => true添加到您的elasticsearch输入配置中
input {
elasticsearch {
hosts => ["hostname" ]
index => 'indexname'
type => 'type'
user => 'username'
password => 'password'
docinfo => true
ssl => true <--- add this
query => '{ "query": { "match": { "first_name": "mary" } }}'
}
}
将字段添加到Logstash Twitter输入和Elasticsearch输出
[英]Add fields to Logstash Twitter input and Elasticsearch output
Logstash Elasticsearch输出使用输入文件中的已解析字段
[英]Logstash Elasticsearch output use parsed field from input file
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.