你的浏览器禁用了JavaScript, 请开启后刷新浏览器获得更好的体验!
输入关键字进行搜索
搜索:
没有找到相关结果
tacsklet - 公司有用到es
赞同来自:
venyowang - 90
chenkun0209
lixiucai
{ "mappings": { "properties": { "id": { "type": "long" }, "app_id": { "type": "long" }, "order_no": { "type": "text" }, "created_by": { "type": "long" }, "created_time": { "type": "long" }, "updated_by": { "type": "long" }, "updated_time": { "type": "long" }, "deleted": { "type": "short" }, "handle_status": { "type": "short" }, "platform_code": { "type": "keyword" }, "partner_info_id": { "type": "long" }, "common_reward": { "type": "long" }, "advanced_reward": { "type": "long" } } } }
input{ jdbc{ # 数据库驱动包存放路径 jdbc_driver_library => "D:\dev\logstash-7.8.0\lib\driver\mysql-connector-java-8.0.19.jar" # 数据库驱动器; jdbc_driver_class => "Java::com.mysql.jdbc.Driver" # 数据库连接方式 jdbc_connection_string => "jdbc:mysql://localhost:3306/xfyd_account_web?useUnicode=true&characterEncoding=utf-8&useSSL=true&serverTimezone=UTC" # 数据库用户名 jdbc_user => "root" # 数据库密码 jdbc_password => "root" # 数据库重连尝试次数 connection_retry_attempts => "3" # 判断数据库连接是否可用,默认false不开启 jdbc_validate_connection => "true" # 数据库连接可用校验超时时间,默认3600s jdbc_validation_timeout => "3600" # 开启分页查询(默认false不开启) jdbc_paging_enabled => "true" # 单次分页查询条数(默认100000,若字段较多且更新频率较高,建议调低此值) jdbc_page_size => "50000" # statement为查询数据sql,如果sql较复杂,建议通过statement_filepath配置sql文件的存放路径 # statement_filepath => "D:\logstash-7.8.0\config\jdbc.sql" statement => "SELECT id,app_id,order_no,created_by,created_time,updated_by,updated_time,deleted,handle_status,platform_code,partner_info_id,common_reward,advanced_reward FROM partner_business_order WHERE updated_time >= :sql_last_value" #statement => "SELECT * FROM partner_business_order WHERE updated_time >= :sql_last_value" # 是否将字段名转换为小写,默认true(如果有数据序列化、反序列化需求,建议改为false); lowercase_column_names => false # 是否记录上次执行结果,true表示会将上次执行结果的tracking_column字段的值保存到last_run_metadata_path指定的文件中 record_last_run => true # 需要记录查询结果某字段的值时,此字段为true,否则默认tracking_column为timestamp的值 use_column_value => true # 查询结果某字段的数据类型,仅包括numeric和timestamp,默认为numeric tracking_column_type => numeric # 需要记录的字段,用于增量同步,需是数据库字段 tracking_column => "updated_time" # 记录上次执行结果数据的存放位置 last_run_metadata_path => "D:\dev\logstash-7.8.0\config\last_value_meta.txt" # 是否清除last_run_metadata_path的记录,需要增量同步时此字段必须为false clean_run => false # 同步频率(分 时 天 月 年),默认每分钟同步一次 schedule => "* * * * *" } } output{ elasticsearch{ # ES地址,集群中多个地址可用数组形式:hosts => ["localhost:9200"] hosts => "localhost:9200" # 索引名称 index => "xfyd_account_web" # 数据唯一索引(建议同数据库表的唯一ID对应) document_id => "%{id}" document_type => "_doc" } }
要回复问题请先登录或注册
4 个回复
tacsklet - 公司有用到es
赞同来自:
venyowang - 90
赞同来自:
比如:%{NUMBER:fieldname:int}
chenkun0209
赞同来自:
"message" => "127.0.0.1 - - [14/Apr/2015:09:53:40 +0800] \"GET /router.php HTTP/1.1\" 404 285 \"-\" \"curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2\"",
"@version" => "1",
"@timestamp" => "2015-04-14T01:53:57.182Z",
"type" => "apache",
"host" => "xxxxxxxx",
"path" => "/var/log/httpd/access_log",
"clientip" => "127.0.0.1",
"ident" => "-",
"auth" => "-",
"timestamp" => "14/Apr/2015:09:53:40 +0800",
"verb" => "GET",
"request" => "/router.php",
"httpversion" => "1.1",
"response" => "404",
"bytes" => "285",
"referrer" => "\"-\"",
"agent" => "\"curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2\""
lixiucai
赞同来自:
我的建映射json
我的logstash的配置