Warning: file_get_contents(/data/phpspider/zhask/data//catemap/4/kotlin/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
<img src="//i.stack.imgur.com/RUiNP.png" height="16" width="18" alt="" class="sponsor tag img">elasticsearch 如何使用logstash mutate或ruby过滤器_<img Src="//i.stack.imgur.com/RUiNP.png" Height="16" Width="18" Alt="" Class="sponsor Tag Img">elasticsearch_Filter_Logstash - Fatal编程技术网 elasticsearch 如何使用logstash mutate或ruby过滤器,elasticsearch,filter,logstash,elasticsearch,Filter,Logstash" /> elasticsearch 如何使用logstash mutate或ruby过滤器,elasticsearch,filter,logstash,elasticsearch,Filter,Logstash" />
Fatal编程技术网
  • elasticsearch/
  • elasticsearch 如何使用logstash mutate或ruby过滤器

elasticsearch 如何使用logstash mutate或ruby过滤器

filter logstash

elasticsearch 如何使用logstash mutate或ruby过滤器,elasticsearch,filter,logstash,elasticsearch,Filter,Logstash,我有以下Json语法 {"result": { "entities": { "SERVICE-CCC89FB0A922657A": "service1", "SERVICE-D279F46CD751424F": "service2", "SERVICE-7AB760E70FCDCA18": "service3", }, "dataPoints": { "SERVICE-CCC89FB0A922657A": [

我有以下Json语法

{"result": {
    "entities": {
        "SERVICE-CCC89FB0A922657A": "service1",
        "SERVICE-D279F46CD751424F": "service2",
        "SERVICE-7AB760E70FCDCA18": "service3",
    },
    "dataPoints": {
        "SERVICE-CCC89FB0A922657A": [
            [
                1489734240000,
                1101.0
            ],
            [
                1489734300000,
                null
            ]
        ],
        "SERVICE-7AB760E70FCDCA18": [
            [
                1489734240000,
                4080800.5470588235
            ],
            [
                1489734300000,
                null
            ]
        ],
        "SERVICE-D279F46CD751424F": [
            [
                1489734240000,
                26677.695652173912
            ],
            [
                1489734300000,
                null
            ]
        ]
    }
},
"@timestamp": "2017-03-17T07:05:37.531Z",
"data": "data",
"@version": "1"
}
我想更改以下内容并将其输入elasticsearch

{"@timestamp": "2017-03-17T07:05:37.531Z",
"data": "data",
"@version": "1",
    "data" : {
        "service1",: [
            [
                1489734240000,
                1101.0
            ],
            [
                1489734300000,
                null
            ]
        ],
        "service3" : [
            [
                1489734240000,
                4080800.5470588235
            ],
            [
                1489734300000,
                null
            ]
        ],
        "service2": [
            [
                1489734240000,
                26677.695652173912
            ],
            [
                1489734300000,
                null
            ]
        ]
    }
}
这是当前logstash conf文件的内容

input {
    http_poller {
        urls => {
            test => {
                method => get
                url => "https://xxxx.com"
                headers => {
                    Accept => "application/json"
                }
            }
        }
        request_timeout => 60
        schedule => { every => "60s" }
        codec => "plain"
    }
}

filter {
    json{
        source => "message"
        remove_field => ["[result][aggregationType]","message"]
    }

#    translate{
#    }

#    mutate{
#    }

#    ruby{
#    }

}

output {
    stdout {
        codec => rubydebug {
        #metadata => true
        }
    }
    elasticsearch {
        hosts => ["http://192.168.0.36:9200"]
    }
}
我刚刚使用了elasticsearch,我不知道如何实现要使用的过滤器。 我想知道是否有可能实现mutate过滤器重命名的内容。 还是应该用ruby实现代码​​过滤器

这些实体很可能是用红宝石排列的​​筛选以匹配数据点的服务-*s。 然而,很难处理Ruby代码

我要你帮我

谢谢。

这里有两个过滤器用于日志存储

感谢您对问题的答复。为了找到我想要的答案,我查阅了logstash filter文档页面好几次,在Google上搜索了几十次,但我发现很难找到我想要的答案。文档页面只有基本用法,因此实现我想要的功能并不容易。