logstash index a text file

后端未结

关注

 1  854

孤街浪徒 2021-01-26 13:53

I\'d like to import a text file in Elasticsearch. The text file contains 3 values per line. After spending several hours of struggling, I didn\'t get it done. Help is greatly ap

1条回答

[愿得一人] (楼主)

2021-01-26 14:29

Simply put this in a file called grok.conf:

input {
        file {
                path => "/path/to/your/file.log"
                start_position => beginning
                sincedb_path => "/dev/null"
        }
}
filter {
        grok {
                match => {"message" => "%{WORD:username} %{WORD:email} %{WORD:hash}" }
        }
}
output {
        elasticsearch {
                hosts => ["localhost:9200"]
        }
}

Then run Logstash with bin/logstash -f grok.conf and you should be ok.

0 讨论(0)