Logstash-解析XML属性

时间:2018-08-18 23:34:14

标签: xml elasticsearch xpath logstash

我正在尝试解析字段名称并将其发送到ElasticSearch,并且遇到了无法正确排列字段的问题。

这是一些示例XML 

<products>
<product name="name_1"></product>
<product name="name_2"></product>
<product name="name_3"></product>
</products>

我的logstash配置文件:

input {
    file {
        path => "sample.xml"
        start_position => "beginning"
        sincedb_path => "/dev/null"
        exclude => "*.gz"
        type => "xml"
        codec => multiline {
            pattern => "<products>"
            negate => "true"
            what => "previous"
        }
    }
}

filter {
    xml {
        source => "message"
        store_xml => false
        target => "products"
        add_field => {
            "p_name" => "%{[products][product][name]}"
        }
        xpath => [
            "/products/*/@name", "product_name"
        ]
    }
}

当前,在ElasticSearch中:有一个p_name设置为%{[products][product][name]},而product_namename_1, name_2, name_3

相反,我想拥有3条不同的记录,每条记录都有自己独特的product_name

什么是正确的xml过滤器?

1 个答案:

答案 0 :(得分:0)

找出问题(而不是我以为我在摄取的东西),首先是错误地读取了输入。下面是我的logstash.config文件。

我没有摄取<products>属性,而是直接进入了<product>属性。这意味着每个进入的生产线都是单个产品(及其子元素)。 

input {
    file {
        path => /file/example*.xml"
        start_position => "beginning"
        sincedb_path => "/dev/null"
        type => "xml"
        codec => multiline {
            pattern => "<product>"
            negate => "true"
            what => "previous"
        }
    }
}

filter {
    xml {
        source => "message"
        store_xml => false
        xpath => [
            "/product/@name", "name"
        ]
    }
}
相关问题
最新问题