TerribleDev/TimberWinR
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a99b04e1b14f7b28c53f0e5010db58fbd92cc270
TimberWinR/TimberWinR/mdocs/ElasticsearchOutput.md
Doug Schmidt a99b04e1b1 Added support for HTTPS authentication to Found clusters 
Elasticsearch's newly acquired found.io hosted clusters require HTTPS basic authentication in order to feed the index.

This feature branch adds optional support for HTTPS according to https://www.elastic.co/guide/en/found/current/elk-and-found.html#_using_logstash

When SSL is true, a non-empty username and password are required to authenticate against an Elasticsearch cluster.
2015-08-31 17:15:36 -07:00

2.8 KiB
Raw Blame History

Output: Elasticsearch

The Elasticsearch output passes on data directly to Elasticsearch.

Parameters

The following parameters are allowed when configuring the Elasticsearch output.

Parameter Type Description Details Default
flush_size integer Maximum number of messages before flushing 50000
host [string] Array of hostname(s) of your Elasticsearch server(s) IP or DNS name
idle_flush_time integer Maximum number of seconds elapsed before triggering a flush 10
index [string] The index name to use index used/created logstash-yyyy.dd.mm
interval integer Interval in milliseconds to sleep during batch sends Interval 5000
max_queue_size integer Maximum Elasticsearch queue depth 50000
port integer Elasticsearch port number This port must be open 9200
ssl bool If true, use an HTTPS connection to Elasticsearch. See [this page] (https://www.elastic.co/guide/en/found/current/elk-and-found.html#_using_logstash) for a configuration example. username and password are also required for HTTPS connections. false
username string Username for Elasticsearch credentials. Required for HTTPS connection.
password string Password for Elasticsearch credentials. Required for HTTPS connection.
queue_overflow_discard_oldest bool If true, discard oldest messages when max_queue_size reached otherwise discard newest true
threads [string] Number of Threads Number of worker threads processing messages 1
enable_ping bool If true, pings the server to test for keep alive false
ping_timeout integer Default ping timeout when enable_ping is true milliseconds 200

Index parameter

If you want to output your data everyday to a new index, use following index format: "index-%{yyyy.MM.dd}". Here date format could be any forwat which you need.

Example Input:

{
    "TimberWinR": {
        "Outputs": {
            "Elasticsearch": [
               { 
                    "threads":  1,   
                    "interval": 5000,                             
                    "host": [
                        "tstlexiceapp006.mycompany.svc"
                    ]
                }
            ]
		}
	}
}
Reference in New Issue View Git Blame Copy Permalink