logstash

Not able to insert JSON from PostgreSQL to elasticsearch. Getting error - “Exception when executing JDBC query”

半城伤御伤魂 提交于 2021-02-08 10:44:22
问题 I am trying to migrate data from postgresql server to elasticsearch. The postgres data is in JSONB format. When I am starting the river, I am getting the below error. [INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600} [2019-01-07T14:22:34,625][INFO ][logstash.inputs.jdbc ] (0.128981s) SELECT to_json(details) from inventory.retailer_products1 limit 1 [2019-01-07T14:22:35,099][WARN ][logstash.inputs.jdbc ] Exception when executing JDBC query {:exception=>#<Sequel:

Resend old logs from filebeat to logstash

与世无争的帅哥 提交于 2021-02-08 08:13:20
问题 Thanks in advance for your help. I would like to reload some logs to customize additional fields. I have noticed that registry file in filebeat configuration keeps track of the files already picked. However, if I remove the content in that file, I am not getting the old logs back. I have tried also to change the timestamp of the source in registry file with no sucsess. What changes are needed to sent old logs from filebeat to logstash? How can I get the logs back? Update: This is the last log

[elk]elasticsearch实现冷热数据分离

社会主义新天地 提交于 2021-02-05 10:02:56
目录 (?) [+] 本文以最新的elasticsearch-6.3.0.tar.gz为例,为了节约资源,本文将副本调为0, 无client角色 https://www.elastic.co/blog/hot-warm-architecture-in-elasticsearch-5-x 以前 es2 .x版本配置 elasticsearch .yml 里的 node .tag: hot这个配置不生效了 被改成了这个 node .attr .box_type: hot es架构 各节点的es配置 master节点: [root@n1 ~] # cat /usr/local/elasticsearch/config/elasticsearch.yml cluster.name: elk node.master: true node.data: false node.name: 192.168.2.11 #node.attr.box_type: hot #node.tag: hot path.data: /data/es path.logs: /data/log network.host: 192.168.2.11 http.port: 9200 transport.tcp.port: 9300 transport.tcp.compress: true discovery.zen

Elasticsearch - split by comma - split filter Logstash

妖精的绣舞 提交于 2021-01-29 19:31:14
问题 I have a field where values are dynamic. I want to store space separated tokens in an array field for completion suggester Let's say if my field val is hi how are you then I want to have an array with [hi how are you, how are you, are you, you] I tried with split filter as my data in csv . I couldn't achieve that. Is there anyway to do this with only ES, Logstash. 回答1: Based on the solution I linked to, you can achieve what you need as follows. First create an ingest pipeline that leverages

Logstash: configuring aggregate + elapsed filters

北战南征 提交于 2021-01-29 14:02:07
问题 I have these logs: "03.08.2020 10:56:38","Event LClick","Type Menu","t=0","beg" "03.08.2020 10:56:38","Event LClick","Type Menu","Detail SomeDetail","t=109","end" "03.08.2020 10:56:40","Event LClick","t=1981","beg" "03.08.2020 10:56:40","Event LClick","t=2090","end" "03.08.2020 10:56:41","Event LClick","Type ToolBar","t=3026","beg" "03.08.2020 10:56:43","Event LClick","Type ToolBar","Detail User_Desktop","t=4477","end" "03.08.2020 10:56:44","Event FormActivate","Name Form_Name:IsaA","t=5444"

Document count is same but index size is growing every logstash run

回眸只為那壹抹淺笑 提交于 2021-01-29 13:36:37
问题 I'm sending elasticsearch using the logstash of the data contained in the mysql database. but each time logstash runs, the number of documents remains the same, but the index size increases. first run count: 333 | size in bytes : 206kb now count:333 | size in bytes : 1.6MB input { jdbc { jdbc_connection_string => "jdbc:mysql://***rds.amazonaws.com:3306/" jdbc_user => "***" jdbc_password => "***" jdbc_driver_library => "***\mysql-connector-java-5.1.46/mysql-connector-java-5.1.46-bin.jar" jdbc

Is it possible Logstash push same content from log file to ElasticSearch

帅比萌擦擦* 提交于 2021-01-29 13:30:54
问题 The logstash config sets log files as input source and then sends the content to ElasticSearch . The input part is like below input{ file{ path => "/data/logs/backend.log*" start_position => "beginning" } } Then the log file will be rolling by size, which means at first the log file name is backend.log , when the file reaches size 10M, then it is renamed to backend.log.1 , and a new empty backend.log is created to log content. So the question is whether logstash will send the content from

Logstash unable to read json from text file

岁酱吖の 提交于 2021-01-29 07:12:06
问题 I am pretty new to ELK stack, trying to play with it. I have a json saved in text file - just want to send it to elastic search and view using kibana. This is my conf file : input { file { path => ["C:/Users/vaish/Desktop/sample.txt"] start_position => beginning codec => json } } filter { json { source => "message" } } output { stdout { codec => rubydebug } elasticsearch { hosts => ["localhost:9200"] } } This is my sample.txt file on desktop. {"firstname":"bob","lastname":"the builder"} I

Logstash file is missing in /etc/init.d after installing logstash ubuntu

南楼画角 提交于 2021-01-29 05:41:35
问题 I am installing logstash 6.3.0 in Ubuntu with the following commands curl -L -O https://artifacts.elastic.co/downloads/logstash/logstash-6.3.0.deb sudo dpkg -i logstash-6.3.0.deb Although the installation is completed, Still no logstash file will be created in /etc/init.d directory and therefore having issues in starting logstash But when I install a lower version with the following URL and it creates the file successfully https://download.elastic.co/logstash/logstash/packages/debian/logstash

基于Storm构建实时热力分布项目实战

给你一囗甜甜゛ 提交于 2021-01-29 04:20:42
基于Storm构建实时热力分布项目实战 下载地址: 百度云盘 Storm是实时流处理领域的一柄利器,本课程采用最新的Storm版本1.1.0,从0开始由浅入深系统讲解,深入Storm内部机制,掌握Storm整合周边大数据框架的使用,从容应对大数据实时流处理! 适合人群及技术储备要求 这是一门非常具有可操作性的课程,适合Java工程师正处于瓶颈期想提升自己技术、想转型做大数据的开发者,更适合对于大数据感兴趣、想从事大数据 研发工作的同学。本课程将手把手带你从零循序渐进地讲解Storm各方面的技术点,让你轻松胜任实际大数 据实时流处理的工作,稳拿高薪! 技术储备要求 熟练掌握Java SE、Linux即可 课程目录:第1章 课程导学引见课程相关背景,学习建议等等1-1 -导学试看1-2 -OOTB环境运用演示1-3 -授课习气与学习建议第2章 初识实时流处置StormStorm作爲近几年Hadoop生态圈很火爆的大数据实时流处置框架,是成爲大数据研发工程师必备的技艺之一。 本章将从如下几个方面让大家关于Storm有微观上的看法:什麼是Storm、Storm的展开史、Storm比照Hadoop的区别、Storm比照Spark Streaming的区别、Storm的劣势、Storm运用现状及展开趋向、Storm运用案例分享...2-1 -课程目录2-2 -Storm是什麼2-3
订阅 logstash