template.json
{
"logger" : {
"template": "logger*",
"settings": {
"index.number_of_shards": 3,
"number_of_replicas": 0
},
"mappings" : {
"ubtlog" : {
"properties" : {
"@timestamp" : {
"type" : "date",
"format" : "dateOptionalTime",
"doc_values" : true
},
"@version" : {
"type" : "string",
"index" : "not_analyzed",
"doc_values" : true
},
"objectId" : {
"type" : "string",
"index" : "not_analyzed"
},
"objectName" : {
"type" : "string",
"index" : "not_analyzed"
},
"type" : {
"type" : "string",
"index" : "not_analyzed"
},
"behaviorType" : {
"type" : "string",
"index" : "not_analyzed"
},
"behaviorAt" : {
"type" : "string",
"index" : "not_analyzed"
},
"tagType" : {
"type" : "string"
},
"tagName" : {
"type" : "string"
},
"ubtNo" : {
"type" : "string",
"index" : "not_analyzed"
},
"tagCode" : {
"type" : "string",
"index" : "not_analyzed"
},
"userNo" : {
"type" : "string",
"index" : "not_analyzed"
}
}
}
}
}
} logstash.conf
output {
elasticsearch {
hosts => ["***:9200","***:9200","***:9200"]
index => "logger-%{+YYYY.MM.dd}"
document_type => "%{type}"
user => elastic
password => ****
manage_template => false
template => "/home/logger.json"
}
stdout { codec=>rubydebug }
}
Comments | NOTHING