我是Elasticsearch的新手,我正在尝试使用Logstash将数据加载到索引。以下是我的losgstash配置的一部分:
filter {
aggregate {
task_id => "%{code}"
code => "
map['campaignId'] = event.get('CAM_ID')
map['country'] = event.get('COUNTRY')
map['countryName'] = event.get('COUNTRYNAME')
# etc
"
push_previous_map_as_event => true
timeout => 5
}
}
output {
elasticsearch {
document_id => "%{code}"
document_type => "company"
index => "company_v1"
codec => "json"
hosts => ["127.0.0.1:9200"]
}
}
我期望聚合将例如将列“ CAM_ID”映射到ElasticSearch Index中的属性为“ campaignId”。而是创建一个名称为“ cam_id”的属性,该属性为列名小写。其他属性相同。
以下是执行logstash后的索引文档:
{
"company_v1": {
"aliases": {
},
"mappings": {
"company": {
"properties": {
"@timestamp": {
"type": "date"
},
"@version": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"cam_id": {
"type": "long"
},
"campaignId": {
"type": "long"
},
"cam_type": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"campaignType": {
"type": "text"
}
}
}
},
"settings": {
"index": {
"creation_date": "1545905435871",
"number_of_shards": "5",
"number_of_replicas": "1",
"uuid": "Dz0x16ohQWWpuhtCB3Y4Vw",
"version": {
"created": "6050399"
},
"provided_name": "company_v1"
}
}
}
}
'campaignId'和'campaignType'是在创建索引时由我创建的,而logstash创建了其他2。
有人可以解释一下如何在加载数据时配置logstash以自定义索引文档的属性名称吗?
非常感谢您。
最好的问候