fluent-plugin-elasticsearch-dext 5.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.coveralls.yml +2 -0
- data/.editorconfig +9 -0
- data/.github/ISSUE_TEMPLATE/bug_report.md +37 -0
- data/.github/ISSUE_TEMPLATE/feature_request.md +24 -0
- data/.github/workflows/issue-auto-closer.yml +12 -0
- data/.github/workflows/linux.yml +26 -0
- data/.github/workflows/macos.yml +26 -0
- data/.github/workflows/windows.yml +26 -0
- data/.gitignore +18 -0
- data/.travis.yml +40 -0
- data/CONTRIBUTING.md +24 -0
- data/Gemfile +11 -0
- data/History.md +553 -0
- data/ISSUE_TEMPLATE.md +30 -0
- data/LICENSE.txt +201 -0
- data/PULL_REQUEST_TEMPLATE.md +10 -0
- data/README.ElasticsearchGenID.md +116 -0
- data/README.ElasticsearchInput.md +293 -0
- data/README.Troubleshooting.md +601 -0
- data/README.md +1467 -0
- data/Rakefile +11 -0
- data/appveyor.yml +20 -0
- data/fluent-plugin-elasticsearch.gemspec +35 -0
- data/gemfiles/Gemfile.elasticsearch.v6 +12 -0
- data/lib/fluent/log-ext.rb +38 -0
- data/lib/fluent/plugin/default-ilm-policy.json +14 -0
- data/lib/fluent/plugin/elasticsearch_constants.rb +13 -0
- data/lib/fluent/plugin/elasticsearch_error.rb +5 -0
- data/lib/fluent/plugin/elasticsearch_error_handler.rb +129 -0
- data/lib/fluent/plugin/elasticsearch_fallback_selector.rb +9 -0
- data/lib/fluent/plugin/elasticsearch_index_lifecycle_management.rb +67 -0
- data/lib/fluent/plugin/elasticsearch_index_template.rb +211 -0
- data/lib/fluent/plugin/elasticsearch_simple_sniffer.rb +10 -0
- data/lib/fluent/plugin/elasticsearch_tls.rb +70 -0
- data/lib/fluent/plugin/filter_elasticsearch_genid.rb +77 -0
- data/lib/fluent/plugin/in_elasticsearch.rb +325 -0
- data/lib/fluent/plugin/oj_serializer.rb +22 -0
- data/lib/fluent/plugin/out_elasticsearch.rb +1108 -0
- data/lib/fluent/plugin/out_elasticsearch_data_stream.rb +218 -0
- data/lib/fluent/plugin/out_elasticsearch_dynamic.rb +282 -0
- data/test/helper.rb +24 -0
- data/test/plugin/test_alias_template.json +9 -0
- data/test/plugin/test_elasticsearch_error_handler.rb +646 -0
- data/test/plugin/test_elasticsearch_fallback_selector.rb +74 -0
- data/test/plugin/test_elasticsearch_index_lifecycle_management.rb +66 -0
- data/test/plugin/test_elasticsearch_tls.rb +145 -0
- data/test/plugin/test_filter_elasticsearch_genid.rb +215 -0
- data/test/plugin/test_in_elasticsearch.rb +459 -0
- data/test/plugin/test_index_alias_template.json +11 -0
- data/test/plugin/test_index_template.json +25 -0
- data/test/plugin/test_oj_serializer.rb +19 -0
- data/test/plugin/test_out_elasticsearch.rb +5688 -0
- data/test/plugin/test_out_elasticsearch_data_stream.rb +337 -0
- data/test/plugin/test_out_elasticsearch_dynamic.rb +1134 -0
- data/test/plugin/test_template.json +23 -0
- data/test/test_log-ext.rb +35 -0
- metadata +236 -0
data/ISSUE_TEMPLATE.md
ADDED
@@ -0,0 +1,30 @@
|
|
1
|
+
(check apply)
|
2
|
+
- [ ] read [the contribution guideline](https://github.com/uken/fluent-plugin-elasticsearch/blob/master/CONTRIBUTING.md)
|
3
|
+
|
4
|
+
#### Problem
|
5
|
+
|
6
|
+
...
|
7
|
+
|
8
|
+
#### Steps to replicate
|
9
|
+
|
10
|
+
Either clone and modify https://gist.github.com/pitr/9a518e840db58f435911
|
11
|
+
|
12
|
+
**OR**
|
13
|
+
|
14
|
+
Provide example config and message
|
15
|
+
|
16
|
+
#### Expected Behavior or What you need to ask
|
17
|
+
|
18
|
+
...
|
19
|
+
|
20
|
+
#### Using Fluentd and ES plugin versions
|
21
|
+
|
22
|
+
* OS version
|
23
|
+
* Bare Metal or within Docker or Kubernetes or others?
|
24
|
+
* Fluentd v0.12 or v0.14/v1.0
|
25
|
+
* paste result of ``fluentd --version`` or ``td-agent --version``
|
26
|
+
* ES plugin 3.x.y/2.x.y or 1.x.y
|
27
|
+
* paste boot log of fluentd or td-agent
|
28
|
+
* paste result of ``fluent-gem list``, ``td-agent-gem list`` or your Gemfile.lock
|
29
|
+
* ES version (optional)
|
30
|
+
* ES template(s) (optional)
|
data/LICENSE.txt
ADDED
@@ -0,0 +1,201 @@
|
|
1
|
+
Apache License
|
2
|
+
Version 2.0, January 2004
|
3
|
+
http://www.apache.org/licenses/
|
4
|
+
|
5
|
+
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
6
|
+
|
7
|
+
1. Definitions.
|
8
|
+
|
9
|
+
"License" shall mean the terms and conditions for use, reproduction,
|
10
|
+
and distribution as defined by Sections 1 through 9 of this document.
|
11
|
+
|
12
|
+
"Licensor" shall mean the copyright owner or entity authorized by
|
13
|
+
the copyright owner that is granting the License.
|
14
|
+
|
15
|
+
"Legal Entity" shall mean the union of the acting entity and all
|
16
|
+
other entities that control, are controlled by, or are under common
|
17
|
+
control with that entity. For the purposes of this definition,
|
18
|
+
"control" means (i) the power, direct or indirect, to cause the
|
19
|
+
direction or management of such entity, whether by contract or
|
20
|
+
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
21
|
+
outstanding shares, or (iii) beneficial ownership of such entity.
|
22
|
+
|
23
|
+
"You" (or "Your") shall mean an individual or Legal Entity
|
24
|
+
exercising permissions granted by this License.
|
25
|
+
|
26
|
+
"Source" form shall mean the preferred form for making modifications,
|
27
|
+
including but not limited to software source code, documentation
|
28
|
+
source, and configuration files.
|
29
|
+
|
30
|
+
"Object" form shall mean any form resulting from mechanical
|
31
|
+
transformation or translation of a Source form, including but
|
32
|
+
not limited to compiled object code, generated documentation,
|
33
|
+
and conversions to other media types.
|
34
|
+
|
35
|
+
"Work" shall mean the work of authorship, whether in Source or
|
36
|
+
Object form, made available under the License, as indicated by a
|
37
|
+
copyright notice that is included in or attached to the work
|
38
|
+
(an example is provided in the Appendix below).
|
39
|
+
|
40
|
+
"Derivative Works" shall mean any work, whether in Source or Object
|
41
|
+
form, that is based on (or derived from) the Work and for which the
|
42
|
+
editorial revisions, annotations, elaborations, or other modifications
|
43
|
+
represent, as a whole, an original work of authorship. For the purposes
|
44
|
+
of this License, Derivative Works shall not include works that remain
|
45
|
+
separable from, or merely link (or bind by name) to the interfaces of,
|
46
|
+
the Work and Derivative Works thereof.
|
47
|
+
|
48
|
+
"Contribution" shall mean any work of authorship, including
|
49
|
+
the original version of the Work and any modifications or additions
|
50
|
+
to that Work or Derivative Works thereof, that is intentionally
|
51
|
+
submitted to Licensor for inclusion in the Work by the copyright owner
|
52
|
+
or by an individual or Legal Entity authorized to submit on behalf of
|
53
|
+
the copyright owner. For the purposes of this definition, "submitted"
|
54
|
+
means any form of electronic, verbal, or written communication sent
|
55
|
+
to the Licensor or its representatives, including but not limited to
|
56
|
+
communication on electronic mailing lists, source code control systems,
|
57
|
+
and issue tracking systems that are managed by, or on behalf of, the
|
58
|
+
Licensor for the purpose of discussing and improving the Work, but
|
59
|
+
excluding communication that is conspicuously marked or otherwise
|
60
|
+
designated in writing by the copyright owner as "Not a Contribution."
|
61
|
+
|
62
|
+
"Contributor" shall mean Licensor and any individual or Legal Entity
|
63
|
+
on behalf of whom a Contribution has been received by Licensor and
|
64
|
+
subsequently incorporated within the Work.
|
65
|
+
|
66
|
+
2. Grant of Copyright License. Subject to the terms and conditions of
|
67
|
+
this License, each Contributor hereby grants to You a perpetual,
|
68
|
+
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
69
|
+
copyright license to reproduce, prepare Derivative Works of,
|
70
|
+
publicly display, publicly perform, sublicense, and distribute the
|
71
|
+
Work and such Derivative Works in Source or Object form.
|
72
|
+
|
73
|
+
3. Grant of Patent License. Subject to the terms and conditions of
|
74
|
+
this License, each Contributor hereby grants to You a perpetual,
|
75
|
+
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
76
|
+
(except as stated in this section) patent license to make, have made,
|
77
|
+
use, offer to sell, sell, import, and otherwise transfer the Work,
|
78
|
+
where such license applies only to those patent claims licensable
|
79
|
+
by such Contributor that are necessarily infringed by their
|
80
|
+
Contribution(s) alone or by combination of their Contribution(s)
|
81
|
+
with the Work to which such Contribution(s) was submitted. If You
|
82
|
+
institute patent litigation against any entity (including a
|
83
|
+
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
84
|
+
or a Contribution incorporated within the Work constitutes direct
|
85
|
+
or contributory patent infringement, then any patent licenses
|
86
|
+
granted to You under this License for that Work shall terminate
|
87
|
+
as of the date such litigation is filed.
|
88
|
+
|
89
|
+
4. Redistribution. You may reproduce and distribute copies of the
|
90
|
+
Work or Derivative Works thereof in any medium, with or without
|
91
|
+
modifications, and in Source or Object form, provided that You
|
92
|
+
meet the following conditions:
|
93
|
+
|
94
|
+
(a) You must give any other recipients of the Work or
|
95
|
+
Derivative Works a copy of this License; and
|
96
|
+
|
97
|
+
(b) You must cause any modified files to carry prominent notices
|
98
|
+
stating that You changed the files; and
|
99
|
+
|
100
|
+
(c) You must retain, in the Source form of any Derivative Works
|
101
|
+
that You distribute, all copyright, patent, trademark, and
|
102
|
+
attribution notices from the Source form of the Work,
|
103
|
+
excluding those notices that do not pertain to any part of
|
104
|
+
the Derivative Works; and
|
105
|
+
|
106
|
+
(d) If the Work includes a "NOTICE" text file as part of its
|
107
|
+
distribution, then any Derivative Works that You distribute must
|
108
|
+
include a readable copy of the attribution notices contained
|
109
|
+
within such NOTICE file, excluding those notices that do not
|
110
|
+
pertain to any part of the Derivative Works, in at least one
|
111
|
+
of the following places: within a NOTICE text file distributed
|
112
|
+
as part of the Derivative Works; within the Source form or
|
113
|
+
documentation, if provided along with the Derivative Works; or,
|
114
|
+
within a display generated by the Derivative Works, if and
|
115
|
+
wherever such third-party notices normally appear. The contents
|
116
|
+
of the NOTICE file are for informational purposes only and
|
117
|
+
do not modify the License. You may add Your own attribution
|
118
|
+
notices within Derivative Works that You distribute, alongside
|
119
|
+
or as an addendum to the NOTICE text from the Work, provided
|
120
|
+
that such additional attribution notices cannot be construed
|
121
|
+
as modifying the License.
|
122
|
+
|
123
|
+
You may add Your own copyright statement to Your modifications and
|
124
|
+
may provide additional or different license terms and conditions
|
125
|
+
for use, reproduction, or distribution of Your modifications, or
|
126
|
+
for any such Derivative Works as a whole, provided Your use,
|
127
|
+
reproduction, and distribution of the Work otherwise complies with
|
128
|
+
the conditions stated in this License.
|
129
|
+
|
130
|
+
5. Submission of Contributions. Unless You explicitly state otherwise,
|
131
|
+
any Contribution intentionally submitted for inclusion in the Work
|
132
|
+
by You to the Licensor shall be under the terms and conditions of
|
133
|
+
this License, without any additional terms or conditions.
|
134
|
+
Notwithstanding the above, nothing herein shall supersede or modify
|
135
|
+
the terms of any separate license agreement you may have executed
|
136
|
+
with Licensor regarding such Contributions.
|
137
|
+
|
138
|
+
6. Trademarks. This License does not grant permission to use the trade
|
139
|
+
names, trademarks, service marks, or product names of the Licensor,
|
140
|
+
except as required for reasonable and customary use in describing the
|
141
|
+
origin of the Work and reproducing the content of the NOTICE file.
|
142
|
+
|
143
|
+
7. Disclaimer of Warranty. Unless required by applicable law or
|
144
|
+
agreed to in writing, Licensor provides the Work (and each
|
145
|
+
Contributor provides its Contributions) on an "AS IS" BASIS,
|
146
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
147
|
+
implied, including, without limitation, any warranties or conditions
|
148
|
+
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
149
|
+
PARTICULAR PURPOSE. You are solely responsible for determining the
|
150
|
+
appropriateness of using or redistributing the Work and assume any
|
151
|
+
risks associated with Your exercise of permissions under this License.
|
152
|
+
|
153
|
+
8. Limitation of Liability. In no event and under no legal theory,
|
154
|
+
whether in tort (including negligence), contract, or otherwise,
|
155
|
+
unless required by applicable law (such as deliberate and grossly
|
156
|
+
negligent acts) or agreed to in writing, shall any Contributor be
|
157
|
+
liable to You for damages, including any direct, indirect, special,
|
158
|
+
incidental, or consequential damages of any character arising as a
|
159
|
+
result of this License or out of the use or inability to use the
|
160
|
+
Work (including but not limited to damages for loss of goodwill,
|
161
|
+
work stoppage, computer failure or malfunction, or any and all
|
162
|
+
other commercial damages or losses), even if such Contributor
|
163
|
+
has been advised of the possibility of such damages.
|
164
|
+
|
165
|
+
9. Accepting Warranty or Additional Liability. While redistributing
|
166
|
+
the Work or Derivative Works thereof, You may choose to offer,
|
167
|
+
and charge a fee for, acceptance of support, warranty, indemnity,
|
168
|
+
or other liability obligations and/or rights consistent with this
|
169
|
+
License. However, in accepting such obligations, You may act only
|
170
|
+
on Your own behalf and on Your sole responsibility, not on behalf
|
171
|
+
of any other Contributor, and only if You agree to indemnify,
|
172
|
+
defend, and hold each Contributor harmless for any liability
|
173
|
+
incurred by, or claims asserted against, such Contributor by reason
|
174
|
+
of your accepting any such warranty or additional liability.
|
175
|
+
|
176
|
+
END OF TERMS AND CONDITIONS
|
177
|
+
|
178
|
+
APPENDIX: How to apply the Apache License to your work.
|
179
|
+
|
180
|
+
To apply the Apache License to your work, attach the following
|
181
|
+
boilerplate notice, with the fields enclosed by brackets "{}"
|
182
|
+
replaced with your own identifying information. (Don't include
|
183
|
+
the brackets!) The text should be enclosed in the appropriate
|
184
|
+
comment syntax for the file format. We also recommend that a
|
185
|
+
file or class name and description of purpose be included on the
|
186
|
+
same "printed page" as the copyright notice for easier
|
187
|
+
identification within third-party archives.
|
188
|
+
|
189
|
+
Copyright 2017 Uken Studios, Inc.
|
190
|
+
|
191
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
192
|
+
you may not use this file except in compliance with the License.
|
193
|
+
You may obtain a copy of the License at
|
194
|
+
|
195
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
196
|
+
|
197
|
+
Unless required by applicable law or agreed to in writing, software
|
198
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
199
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
200
|
+
See the License for the specific language governing permissions and
|
201
|
+
limitations under the License.
|
@@ -0,0 +1,10 @@
|
|
1
|
+
DESCRIPTION HERE
|
2
|
+
|
3
|
+
(check all that apply)
|
4
|
+
- [ ] tests added
|
5
|
+
- [ ] tests passing
|
6
|
+
- [ ] README updated (if needed)
|
7
|
+
- [ ] README Table of Contents updated (if needed)
|
8
|
+
- [ ] History.md and `version` in gemspec are untouched
|
9
|
+
- [ ] backward compatible
|
10
|
+
- [ ] feature works in `elasticsearch_dynamic` (not required but recommended)
|
@@ -0,0 +1,116 @@
|
|
1
|
+
## Index
|
2
|
+
|
3
|
+
* [Usage](#usage)
|
4
|
+
* [Configuration](#configuration)
|
5
|
+
+ [hash_id_key](#hash_id_key)
|
6
|
+
+ [include_tag_in_seed](#include_tag_in_seed)
|
7
|
+
+ [include_time_in_seed](#include_time_in_seed)
|
8
|
+
+ [use_record_as_seed](#use_record_as_seed)
|
9
|
+
+ [use_entire_record](#use_entire_record)
|
10
|
+
+ [record_keys](#record_keys)
|
11
|
+
+ [separator](#separator)
|
12
|
+
+ [hash_type](#hash_type)
|
13
|
+
* [Advanced Usage](#advanced-usage)
|
14
|
+
|
15
|
+
## Usage
|
16
|
+
|
17
|
+
In your Fluentd configuration, use `@type elasticsearch_genid`. Additional configuration is optional, default values would look like this:
|
18
|
+
|
19
|
+
```
|
20
|
+
<filter>
|
21
|
+
@type elasticsearch_genid
|
22
|
+
hash_id_key _hash
|
23
|
+
include_tag_in_seed false
|
24
|
+
include_time_in_seed false
|
25
|
+
use_record_as_seed false
|
26
|
+
use_entire_record false
|
27
|
+
record_keys []
|
28
|
+
separator _
|
29
|
+
hash_type sha1
|
30
|
+
</filter>
|
31
|
+
```
|
32
|
+
|
33
|
+
## Configuration
|
34
|
+
|
35
|
+
### hash_id_key
|
36
|
+
|
37
|
+
```
|
38
|
+
hash_id_key _id
|
39
|
+
```
|
40
|
+
|
41
|
+
You can specify generated hash storing key.
|
42
|
+
|
43
|
+
### include_tag_in_seed
|
44
|
+
|
45
|
+
```
|
46
|
+
include_tag_in_seed true
|
47
|
+
```
|
48
|
+
|
49
|
+
You can specify to use tag for hash generation seed.
|
50
|
+
|
51
|
+
### include_time_in_seed
|
52
|
+
|
53
|
+
```
|
54
|
+
include_time_in_seed true
|
55
|
+
```
|
56
|
+
|
57
|
+
You can specify to use time for hash generation seed.
|
58
|
+
|
59
|
+
### use_record_as_seed
|
60
|
+
|
61
|
+
```
|
62
|
+
use_record_as_seed true
|
63
|
+
```
|
64
|
+
|
65
|
+
You can specify to use record in events for hash generation seed. This parameter should be used with [record_keys](#record_keys) parameter in practice.
|
66
|
+
|
67
|
+
### record_keys
|
68
|
+
|
69
|
+
```
|
70
|
+
record_keys request_id,pipeline_id
|
71
|
+
```
|
72
|
+
|
73
|
+
You can specify keys which are record in events for hash generation seed. This parameter should be used with [use_record_as_seed](#use_record_as_seed) parameter in practice.
|
74
|
+
|
75
|
+
### use_entire_record
|
76
|
+
|
77
|
+
```
|
78
|
+
use_entire_record true
|
79
|
+
```
|
80
|
+
|
81
|
+
You can specify to use entire record in events for hash generation seed.
|
82
|
+
|
83
|
+
|
84
|
+
### separator
|
85
|
+
|
86
|
+
```
|
87
|
+
separator |
|
88
|
+
```
|
89
|
+
|
90
|
+
You can specify separator charactor to creating seed for hash generation.
|
91
|
+
|
92
|
+
### hash_type
|
93
|
+
|
94
|
+
```
|
95
|
+
hash_type sha1
|
96
|
+
```
|
97
|
+
|
98
|
+
You can specify hash algorithm. Support algorithms `md5`, `sha1`, `sha256`, `sha512`. Default: `sha1`
|
99
|
+
|
100
|
+
## Advanced Usage
|
101
|
+
|
102
|
+
Elasticsearch GenID plugin can handle record contents differing with the following parameters:
|
103
|
+
|
104
|
+
```aconf
|
105
|
+
<filter the.awesome.your.routing.tag>
|
106
|
+
@type elasticsearch_genid
|
107
|
+
use_entire_record true
|
108
|
+
hash_type sha1
|
109
|
+
hash_id_key _hash
|
110
|
+
separator _
|
111
|
+
inc_time_as_key true
|
112
|
+
inc_tag_as_key true
|
113
|
+
</filter>
|
114
|
+
```
|
115
|
+
|
116
|
+
The above configuration can handle tag, time, and record differing and generate different base64 encoded hash per record.
|
@@ -0,0 +1,293 @@
|
|
1
|
+
## Index
|
2
|
+
|
3
|
+
* [Installation](#installation)
|
4
|
+
* [Usage](#usage)
|
5
|
+
* [Configuration](#configuration)
|
6
|
+
+ [host](#host)
|
7
|
+
+ [port](#port)
|
8
|
+
+ [hosts](#hosts)
|
9
|
+
+ [user, password, path, scheme, ssl_verify](#user-password-path-scheme-ssl_verify)
|
10
|
+
+ [parse_timestamp](#parse_timestamp)
|
11
|
+
+ [timestampkey_format](#timestampkey_format)
|
12
|
+
+ [timestamp_key](#timestamp_key)
|
13
|
+
+ [timestamp_parse_error_tag](#timestamp_parse_error_tag)
|
14
|
+
+ [http_backend](#http_backend)
|
15
|
+
+ [request_timeout](#request_timeout)
|
16
|
+
+ [reload_connections](#reload_connections)
|
17
|
+
+ [reload_on_failure](#reload_on_failure)
|
18
|
+
+ [resurrect_after](#resurrect_after)
|
19
|
+
+ [with_transporter_log](#with_transporter_log)
|
20
|
+
+ [Client/host certificate options](#clienthost-certificate-options)
|
21
|
+
+ [sniffer_class_name](#sniffer-class-name)
|
22
|
+
+ [custom_headers](#custom_headers)
|
23
|
+
+ [docinfo_fields](#docinfo_fields)
|
24
|
+
+ [docinfo_target](#docinfo_target)
|
25
|
+
+ [docinfo](#docinfo)
|
26
|
+
* [Advanced Usage](#advanced-usage)
|
27
|
+
|
28
|
+
## Usage
|
29
|
+
|
30
|
+
In your Fluentd configuration, use `@type elasticsearch` and specify `tag your.awesome.tag`. Additional configuration is optional, default values would look like this:
|
31
|
+
|
32
|
+
```
|
33
|
+
<source>
|
34
|
+
@type elasticsearch
|
35
|
+
host localhost
|
36
|
+
port 9200
|
37
|
+
index_name fluentd
|
38
|
+
type_name fluentd
|
39
|
+
tag my.logs
|
40
|
+
</source>
|
41
|
+
```
|
42
|
+
|
43
|
+
## Configuration
|
44
|
+
|
45
|
+
### host
|
46
|
+
|
47
|
+
```
|
48
|
+
host user-custom-host.domain # default localhost
|
49
|
+
```
|
50
|
+
|
51
|
+
You can specify Elasticsearch host by this parameter.
|
52
|
+
|
53
|
+
|
54
|
+
### port
|
55
|
+
|
56
|
+
```
|
57
|
+
port 9201 # defaults to 9200
|
58
|
+
```
|
59
|
+
|
60
|
+
You can specify Elasticsearch port by this parameter.
|
61
|
+
|
62
|
+
### hosts
|
63
|
+
|
64
|
+
```
|
65
|
+
hosts host1:port1,host2:port2,host3:port3
|
66
|
+
```
|
67
|
+
|
68
|
+
You can specify multiple Elasticsearch hosts with separator ",".
|
69
|
+
|
70
|
+
If you specify multiple hosts, this plugin will load balance updates to Elasticsearch. This is an [elasticsearch-ruby](https://github.com/elasticsearch/elasticsearch-ruby) feature, the default strategy is round-robin.
|
71
|
+
|
72
|
+
If you specify `hosts` option, `host` and `port` options are ignored.
|
73
|
+
|
74
|
+
```
|
75
|
+
host user-custom-host.domain # ignored
|
76
|
+
port 9200 # ignored
|
77
|
+
hosts host1:port1,host2:port2,host3:port3
|
78
|
+
```
|
79
|
+
|
80
|
+
If you specify `hosts` option without port, `port` option is used.
|
81
|
+
|
82
|
+
```
|
83
|
+
port 9200
|
84
|
+
hosts host1:port1,host2:port2,host3 # port3 is 9200
|
85
|
+
```
|
86
|
+
|
87
|
+
**Note:** If you will use scheme https, do not include "https://" in your hosts ie. host "https://domain", this will cause ES cluster to be unreachable and you will receive an error "Can not reach Elasticsearch cluster"
|
88
|
+
|
89
|
+
**Note:** Up until v2.8.5, it was allowed to embed the username/password in the URL. However, this syntax is deprecated as of v2.8.6 because it was found to cause serious connection problems (See #394). Please migrate your settings to use the `user` and `password` field (described below) instead.
|
90
|
+
|
91
|
+
### user, password, path, scheme, ssl_verify
|
92
|
+
|
93
|
+
```
|
94
|
+
user demo
|
95
|
+
password secret
|
96
|
+
path /elastic_search/
|
97
|
+
scheme https
|
98
|
+
```
|
99
|
+
|
100
|
+
You can specify user and password for HTTP Basic authentication.
|
101
|
+
|
102
|
+
And this plugin will escape required URL encoded characters within `%{}` placeholders.
|
103
|
+
|
104
|
+
```
|
105
|
+
user %{demo+}
|
106
|
+
password %{@secret}
|
107
|
+
```
|
108
|
+
|
109
|
+
Specify `ssl_verify false` to skip ssl verification (defaults to true)
|
110
|
+
|
111
|
+
### parse_timestamp
|
112
|
+
|
113
|
+
```
|
114
|
+
parse_timestamp true # defaults to false
|
115
|
+
```
|
116
|
+
|
117
|
+
Parse a `@timestamp` field and add parsed time to the event.
|
118
|
+
|
119
|
+
### timestamp_key_format
|
120
|
+
|
121
|
+
The format of the time stamp field (`@timestamp` or what you specify in Elasticsearch). This parameter only has an effect when [parse_timestamp](#parse_timestamp) is true as it only affects the name of the index we write to. Please see [Time#strftime](http://ruby-doc.org/core-1.9.3/Time.html#method-i-strftime) for information about the value of this format.
|
122
|
+
|
123
|
+
Setting this to a known format can vastly improve your log ingestion speed if all most of your logs are in the same format. If there is an error parsing this format the timestamp will default to the ingestion time. If you are on Ruby 2.0 or later you can get a further performance improvement by installing the "strptime" gem: `fluent-gem install strptime`.
|
124
|
+
|
125
|
+
For example to parse ISO8601 times with sub-second precision:
|
126
|
+
|
127
|
+
```
|
128
|
+
timestamp_key_format %Y-%m-%dT%H:%M:%S.%N%z
|
129
|
+
```
|
130
|
+
|
131
|
+
### timestamp_parse_error_tag
|
132
|
+
|
133
|
+
With `parse_timestamp true`, elasticsearch input plugin parses timestamp field for consuming event time. If the consumed record has invalid timestamp value, this plugin emits an error event to `@ERROR` label with `timestamp_parse_error_tag` configured tag.
|
134
|
+
|
135
|
+
Default value is `elasticsearch_plugin.input.time.error`.
|
136
|
+
|
137
|
+
### http_backend
|
138
|
+
|
139
|
+
With `http_backend typhoeus`, elasticsearch plugin uses typhoeus faraday http backend.
|
140
|
+
Typhoeus can handle HTTP keepalive.
|
141
|
+
|
142
|
+
Default value is `excon` which is default http_backend of elasticsearch plugin.
|
143
|
+
|
144
|
+
```
|
145
|
+
http_backend typhoeus
|
146
|
+
```
|
147
|
+
|
148
|
+
|
149
|
+
### request_timeout
|
150
|
+
|
151
|
+
You can specify HTTP request timeout.
|
152
|
+
|
153
|
+
This is useful when Elasticsearch cannot return response for bulk request within the default of 5 seconds.
|
154
|
+
|
155
|
+
```
|
156
|
+
request_timeout 15s # defaults to 5s
|
157
|
+
```
|
158
|
+
|
159
|
+
### reload_connections
|
160
|
+
|
161
|
+
You can tune how the elasticsearch-transport host reloading feature works. By default it will reload the host list from the server every 10,000th request to spread the load. This can be an issue if your Elasticsearch cluster is behind a Reverse Proxy, as Fluentd process may not have direct network access to the Elasticsearch nodes.
|
162
|
+
|
163
|
+
```
|
164
|
+
reload_connections false # defaults to true
|
165
|
+
```
|
166
|
+
|
167
|
+
### reload_on_failure
|
168
|
+
|
169
|
+
Indicates that the elasticsearch-transport will try to reload the nodes addresses if there is a failure while making the
|
170
|
+
request, this can be useful to quickly remove a dead node from the list of addresses.
|
171
|
+
|
172
|
+
```
|
173
|
+
reload_on_failure true # defaults to false
|
174
|
+
```
|
175
|
+
|
176
|
+
### resurrect_after
|
177
|
+
|
178
|
+
You can set in the elasticsearch-transport how often dead connections from the elasticsearch-transport's pool will be resurrected.
|
179
|
+
|
180
|
+
```
|
181
|
+
resurrect_after 5s # defaults to 60s
|
182
|
+
```
|
183
|
+
|
184
|
+
### with_transporter_log
|
185
|
+
|
186
|
+
This is debugging purpose option to enable to obtain transporter layer log.
|
187
|
+
Default value is `false` for backward compatibility.
|
188
|
+
|
189
|
+
We recommend to set this true if you start to debug this plugin.
|
190
|
+
|
191
|
+
```
|
192
|
+
with_transporter_log true
|
193
|
+
```
|
194
|
+
|
195
|
+
### Client/host certificate options
|
196
|
+
|
197
|
+
Need to verify Elasticsearch's certificate? You can use the following parameter to specify a CA instead of using an environment variable.
|
198
|
+
```
|
199
|
+
ca_file /path/to/your/ca/cert
|
200
|
+
```
|
201
|
+
|
202
|
+
Does your Elasticsearch cluster want to verify client connections? You can specify the following parameters to use your client certificate, key, and key password for your connection.
|
203
|
+
```
|
204
|
+
client_cert /path/to/your/client/cert
|
205
|
+
client_key /path/to/your/private/key
|
206
|
+
client_key_pass password
|
207
|
+
```
|
208
|
+
|
209
|
+
If you want to configure SSL/TLS version, you can specify ssl\_version parameter.
|
210
|
+
```
|
211
|
+
ssl_version TLSv1_2 # or [SSLv23, TLSv1, TLSv1_1]
|
212
|
+
```
|
213
|
+
|
214
|
+
:warning: If SSL/TLS enabled, it might have to be required to set ssl\_version.
|
215
|
+
|
216
|
+
### Sniffer Class Name
|
217
|
+
|
218
|
+
The default Sniffer used by the `Elasticsearch::Transport` class works well when Fluentd has a direct connection
|
219
|
+
to all of the Elasticsearch servers and can make effective use of the `_nodes` API. This doesn't work well
|
220
|
+
when Fluentd must connect through a load balancer or proxy. The parameter `sniffer_class_name` gives you the
|
221
|
+
ability to provide your own Sniffer class to implement whatever connection reload logic you require. In addition,
|
222
|
+
there is a new `Fluent::Plugin::ElasticsearchSimpleSniffer` class which reuses the hosts given in the configuration, which
|
223
|
+
is typically the hostname of the load balancer or proxy. For example, a configuration like this would cause
|
224
|
+
connections to `logging-es` to reload every 100 operations:
|
225
|
+
|
226
|
+
```
|
227
|
+
host logging-es
|
228
|
+
port 9200
|
229
|
+
reload_connections true
|
230
|
+
sniffer_class_name Fluent::Plugin::ElasticsearchSimpleSniffer
|
231
|
+
reload_after 100
|
232
|
+
```
|
233
|
+
|
234
|
+
### custom_headers
|
235
|
+
|
236
|
+
This parameter adds additional headers to request. The default value is `{}`.
|
237
|
+
|
238
|
+
```
|
239
|
+
custom_headers {"token":"secret"}
|
240
|
+
```
|
241
|
+
|
242
|
+
### docinfo_fields
|
243
|
+
|
244
|
+
This parameter specifies docinfo record keys. The default values are `['_index', '_type', '_id']`.
|
245
|
+
|
246
|
+
```
|
247
|
+
docinfo_fields ['_index', '_id']
|
248
|
+
```
|
249
|
+
|
250
|
+
### docinfo_target
|
251
|
+
|
252
|
+
This parameter specifies docinfo storing key. The default value is `@metadata`.
|
253
|
+
|
254
|
+
```
|
255
|
+
docinfo_target metadata
|
256
|
+
```
|
257
|
+
|
258
|
+
### docinfo
|
259
|
+
|
260
|
+
This parameter specifies whether docinfo information including or not. The default value is `false`.
|
261
|
+
|
262
|
+
```
|
263
|
+
docinfo false
|
264
|
+
```
|
265
|
+
|
266
|
+
## Advanced Usage
|
267
|
+
|
268
|
+
Elasticsearch Input plugin and Elasticsearch output plugin can combine to transfer records into another cluster.
|
269
|
+
|
270
|
+
```aconf
|
271
|
+
<source>
|
272
|
+
@type elasticsearch
|
273
|
+
host original-cluster.local
|
274
|
+
port 9200
|
275
|
+
tag raw.elasticsearch
|
276
|
+
index_name logstash-*
|
277
|
+
docinfo true
|
278
|
+
# repeat false
|
279
|
+
# num_slices 2
|
280
|
+
# with_transporter_log true
|
281
|
+
</source>
|
282
|
+
<match raw.elasticsearch>
|
283
|
+
@type elasticsearch
|
284
|
+
host transferred-cluster.local
|
285
|
+
port 9200
|
286
|
+
index_name ${$.@metadata._index}
|
287
|
+
type_name ${$.@metadata._type} # This parameter will be deprecated due to Removal of mapping types since ES7.
|
288
|
+
id_key ${$.@metadata._id} # This parameter is needed for prevent duplicated records.
|
289
|
+
<buffer tag, $.@metadata._index, $.@metadata._type, $.@metadata._id>
|
290
|
+
@type memory # should use file buffer for preventing chunk lost
|
291
|
+
</buffer>
|
292
|
+
</match>
|
293
|
+
```
|