我希望logstash在自动创建索引的时候使用ES中定义好的template,但是我配置好之后,logstash自动创建的索引都不是我定义的template,请问要如何让logstash使用ES中定义的template创建索引?
logstash配置如下:
logstash配置如下:
output {
elasticsearch {
action => "index"
hosts => ["localhost:9200"]
index => "%{team}-%{+YYYY.MM.dd}"
manage_template => false
template_name => "logstash"
template_overwrite => true
document_type => "%{[@metadata][type]}"
}
}{
"logstash": {
"order": 1,
"version": 50002,
"template": "logstash-*",
"settings": {
"index": {
"refresh_interval": "5s"
}
},
"mappings": {
"_default_": {
"dynamic_templates": [
{
"message_field": {
"path_match": "message",
"mapping": {
"norms": false,
"type": "text"
},
"match_mapping_type": "string"
}
}
,
{
"string_fields": {
"mapping": {
"norms": false,
"type": "text",
"fields": {
"keyword": {
"type": "keyword"
}
}
},
"match_mapping_type": "string",
"match": "*"
}
}
],
"_all": {
"enabled": false
},
"properties": {
"@timestamp": {
"include_in_all": false,
"type": "date"
},
"geoip": {
"dynamic": true,
"properties": {
"ip": {
"type": "ip"
},
"latitude": {
"type": "half_float"
},
"location": {
"type": "geo_point"
},
"longitude": {
"type": "half_float"
}
}
},
"@version": {
"include_in_all": false,
"type": "keyword"
}
}
}
},
"aliases": { }
}
}
2 个回复
xiaoke - http://blog.51cto.com/kexiaoke
赞同来自: Julian
xwldyx
赞同来自: