Index document to multiple indices at once from Logstash

So I have no problem indexing records from Logstash, but I would like to be able to index the same record to multiple indices.

Currently I have this in my Logstash output:

output{
    elasticsearch {
        hosts => ["myHost"]
        user => "myUser"
        password => "myPassword"
        cacert => "myCert.pem"
        index => "myIndex_primary"
        document_id => "12345"
        action => "update"
        doc_as_upsert => true
        manage_template => false
    }
}

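Let's say I also want to save the same record to a 'secondary' index. Is that possible from the same elasticsearch block, or will it force duplicating the whole elasticsearch call?

What I had in mind is something like this: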

output{
    elasticsearch {
        hosts => ["myHost"]
        user => "myUser"
        password => "myPassword"
        cacert => "myCert.pem"
        index => ["myIndex_primary", "myIndex_secondary"]
        document_id => "12345"
        action => "update"
        doc_as_upsert => true
        manage_template => false
    }
}

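Yes, this is possible. You need to add another elasticsearch output to the configuration file. The index option expects a string, not an array.

So the output section of your pipeline will look like this: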

output{
    # First output: writes the event to the primary index
    elasticsearch {
        hosts => ["myHost"]
        user => "myUser"
        password => "myPassword"
        cacert => "myCert.pem"
        index => "myIndex_primary"   # index 1
        document_id => "12345"
        action => "update"
        doc_as_upsert => true
        manage_template => false
    }

    # Second output: writes the same event to the secondary index
    elasticsearch {
        hosts => ["myHost"]
        user => "myUser"
        password => "myPassword"
        cacert => "myCert.pem"
        index => "myIndex_secondary"   # index 2
        document_id => "12345"
        action => "update"
        doc_as_upsert => true
        manage_template => false
    }
}

Hope this helps.