[英]elasticsearch - import csv using logstash date is not parsed as of datetime type
我試圖使用logstash將csv導入elasticsearch我嘗試過兩種方法:
1) 對於下面的csv是我的logstash文件:
input {
file {
path => "path_to_my_csv.csv"
start_position => "beginning"
sincedb_path => "/dev/null"
}
}
filter {
csv {
separator => ","
columns => ["col1","col2_datetime"]
}
mutate {convert => [ "col1", "float" ]}
date {
locale => "en"
match => ["col2_datetime", "ISO8601"] // tried this one also - match => ["col2_datetime", "yyyy-MM-dd HH:mm:ss"]
timezone => "Asia/Kolkata"
target => "@timestamp" // tried this one also - target => "col2_datetime"
}
}
output {
elasticsearch {
hosts => "http://localhost:9200"
index => "my_collection"
}
stdout {}
}
2) 使用grok過濾器:
對於grok過濾器,下面是我的logstash文件
input {
file {
path => "path_to_my_csv.csv"
start_position => "beginning"
sincedb_path => "/dev/null"
}
}
filter {
grok {
match => { "message" => "(?<col1>(?:%{BASE10NUM})),(%{TIMESTAMP_ISO8601:col2_datetime})"}
remove_field => [ "message" ]
}
date {
match => ["col2_datetime", "yyyy-MM-dd HH:mm:ss"]
}
}
output {
elasticsearch {
hosts => "http://localhost:9200"
index => "my_collection_grok"
}
stdout {}
}
問題:
因此,當我單獨運行這兩個文件時,我能夠在elasticsearch中導入數據。 但我的日期字段沒有解析為datetime類型,而是保存為字符串,因此我無法運行日期過濾器。
所以有人可以幫我弄清楚它為什么會發生。 我的彈性搜索版本是5.4.1。
提前致謝
我對配置文件進行了2次更改。
1)刪除列名col2_datetime中的under_score
2)添加目標
這是我的配置文件的樣子......
vi logstash.conf
input {
file {
path => "/config-dir/path_to_my_csv.csv"
start_position => "beginning"
sincedb_path => "/dev/null"
}
}
filter {
csv {
separator => ","
columns => ["col1","col2"]
}
mutate {convert => [ "col1", "float" ]}
date {
locale => "en"
match => ["col2", "yyyy-MM-dd HH:mm:ss"]
target => "col2"
}
}
output {
elasticsearch {
hosts => "http://172.17.0.1:9200"
index => "my_collection"
}
stdout {}
}
這是數據文件:
vi path_to_my_csv.csv
1234365,2016-12-02 19:00:52
1234368,2016-12-02 15:02:02
1234369,2016-12-02 15:02:07
Elasticsearch logstash jdbc:日期時間列被解析為文本類型
[英]Elasticsearch logstash jdbc : datetime column is parsed as text type
如何在Elasticsearch提示器中使用Logstash導入CSV數據以完成字段類型
[英]How to import CSV data using Logstash for field type completion in Elasticsearch suggester
如何在不使用 logstash 的情況下將數據從 csv 導入到 java 中的 elasticsearch?
[英]How to import data from csv to elasticsearch in java without using logstash?
CSV地理數據使用logstash作為geo_point類型進入elasticsearch
[英]CSV geodata into elasticsearch as a geo_point type using logstash
如何使用logstash將壓縮的json導入elasticsearch?
[英]How to import zipped json into elasticsearch using logstash?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.