我已经将我的xml文件上传到logtsah中,一切都一样 但是结果却不是我想要的,
因为我想为列指定每个标签,以便我可以使用列名在kibana中进行搜索,但不能在所有文档中进行搜索。
这是kibana中的结果:
{
"_index": "tizer",
"_type": "tizerlfiles",
"_id": "AWhvriZgrW4BZjJkO214",
"_score": 1,
"_source": {
"@version": "1",
"host": "DESKTOP-2LL9494",
"path": "D:/test.xml",
"@timestamp": "2019-01-21T09:11:50.242Z",
"message": """
<?xml version="1.0" encoding="UTF-8"?>
<tns:Invoicing xmlns:tns="xxx">
<tns:FileNumber>20180919093512</tns:FileNumber>
<tns:FileDate>2018-09-19</tns:FileDate>
<tns:Forwarder>DBS</tns:Forwarder>
<tns:Invoice>
<tns:InvoicingDate>"2018-09-17"</tns:InvoicingDate>
<tns:InvoicingBranch>SJCPTY</tns:InvoicingBranch>
<tns:InitialInvoiceNumber>0</tns:InitialInvoiceNumber>
<tns:ChanelInvoicingRefrence>257805</tns:ChanelInvoicingRefrence>
<tns:FFInvoiceLineRefrence>01041000</tns:FFInvoiceLineRefrence>
<tns:PayerAccountNameCode>200111</tns:PayerAccountNameCode>
<tns:BusinessDivision>FA</tns:BusinessDivision>
<tns:ETD>2018-09-16</tns:ETD>
<tns:ETA>2018-09-16</tns:ETA>
<tns:TypeConsignee>Other</tns:TypeConsignee>
<tns:Consignee>EUROPERFUMERIA</tns:Consignee>
<tns:Customer>OTHER</tns:Customer>
<tns:Departure>
<tns:CountryCode>FR</tns:CountryCode>
<tns:CodePostal>95470</tns:CodePostal>
<tns:City>VEMARS</tns:City>
<tns:Address>"P.A. des Portes de Vemars CR9. Rue de la Haie Marteau "</tns:Address>
<tns:Airport>
<tns:Code>CDG</tns:Code>
<tns:Denomination>FRANCE</tns:Denomination>
</tns:Airport>
<tns:Region>EMEA</tns:Region>
</tns:Departure>
</tns:Invoice>
""",
"tags": [
"multiline"
]
}
这是我的配置文件:
input {
file {
path => "D:/test.xml"
start_position => beginning
sincedb_path => "NUL"
codec => multiline {
pattern => "<invoicing>|</invoicing>"
negate => "true"
what => "previous"
auto_flush_interval => 1
max_lines => 3000
}
}
}
filter {
xml {
source => "message"
target => "message.parsed"
store_xml => false
force_array => false
}
}
output {
stdout { codec => rubydebug }
elasticsearch {
index => "tizer"
hosts => ["localhost:9200"]
document_type => "tizerlfiles"
}
}