我想从索引导入一些数据,例如“logstash-2016-07-01”到新索引。
所以我使用以下方法创建了新索引:
curl -XPUT 'hostname:port/anomaly/'
接下来,我使用此查询搜索数据我需要的内容:
curl 'hostname:port/logstash-2016.07*/_search?pretty' -d @/tmp/query > /tmp/json.data
的/ tmp /查询
{"size":500,"sort":[{"@timestamp":{"order":"desc","unmapped_type":"boolean"}}],"query":{"filtered":{"query":{"query_string":{"analyze_wildcard":true,"query":"*:*"}},"filter":{"bool":{"must":[{"range":{"@timestamp":{"gte":1468965600000,"lte":1469138400000}}}],"must_not":[]}}}}}
我以json格式获得了正确的数据。我想将这些数据导入新索引“异常”。所以我尝试了这个:
curl -XPUT hostname:port/_bulk --data-binary @/tmp/json.data
{"error":"JsonParseException[Unexpected end-of-input: expected close marker for OBJECT (from [Source: [B@10e3753c; line: 1, column: 0])\n at [Source: [B@10e3753c; line: 1, column: 3]]","status":500}
如何将/tmp/json.data导入索引'异常'?