SinksElasticSearch

Brian L. Troutwine edited this page Dec 2, 2017 · 2 revisions

The elasticsearch sink accepts log lines and is intended to be used in a similar manner to the Firehose sink. All writes are placed under the YYYY-MM-DD index, though a prefix may be configured.

Configuration

The elasticsearch sink configuration options are as follows:

  • port :: the port to ship log lines to [default: 9200]
  • host :: the host to ship log lines to [default: "127.0.0.1"]
  • secure :: whether to attempt HTTPS or not with the elasticsearch host [default: false]
  • index-prefix :: the index prefix for elasticsearch writes [default: ""]
  • index_type :: the _type of each payload [default: "payload"]
  • delivery_attempt_limit :: determines how many attempts will be made to deliver a single log line [default: 10] (SINCE 0.8.3)
  • flush_interval :: determines how often to flush, overrides global flush_interval [default: 60]

Please be aware that index-prefix is spelled with a hyphen, not an underscore. Also, if an index prefix is set, a "-" is automatically inserted between the prefix and the auto-generated index name.

Example

[sinks]
  [sinks.elasticsearch]
  host = "cernan.example.org"
  port = 8086
  secure = false
  index-prefix = "logs"
  index_type = "cernan"
  flush_interval = 60

This enables the elasticsearch sink, shipping to "cernan.example.org" on port 8086 over plain HTTP (secure = false, so HTTPS is not attempted). Logs are indexed as described above, with index names prefixed by "logs-" and the payload _type set to "cernan". Flushes are made every 60 seconds, independent of the global flush_interval.