Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

set the elasticsearch query period #117

Open
yoongyoung opened this issue Jun 11, 2019 · 0 comments
Open

set the elasticsearch query period #117

yoongyoung opened this issue Jun 11, 2019 · 0 comments

Comments

@yoongyoung
Copy link

I'd like to set the period at which the Elasticsearch filter in logstash flies the query.

When data is received through the input, the value of the id field is dropped into the query to obtain the name corresponding to the id from the existing index.

The problem is that the filter runs the query at a slower rate, periodically the result(dashboard field) is displayed as nil.

We need to run queries on every piece of data collected.

  • Version: 6.7
  • Operating System: CentOS
  • Config File (if you have sensitive info, please remove it):
    filter {
    elasticsearch {
    hosts => ["localhost:9200"]
    index => ".kibana"
    query => "_id:/dashboard?/%{[args][objects][id]}"
    fields => {"dashboard" => "dashboard"}
    enable_sort => false
    }

mutate {
add_field => {
"title" => "%{[dashboard][title]}"
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@yoongyoung