Fluentd Elasticsearch plugin - logstash_format - config breaks
205 views
Skip to first unread message
Kishor Ramanan
Mar 20, 2017, 1:15:50 PM3/20/17
to Fluentd Google Group
Here is my architecture
setting.
I am using docker log driver to send logs directly to fluentd then to my elasticsearch
Issues:
I have installed td-agent and using elasticsearch plugin to push logs but they seems to be broken because of
logstash_format trueDetailed issue: https://github.com/uken/fluent-plugin-elasticsearch/issues/247
I am looking for which configuration should I use, how to get the timestamp into the logs.
Eduardo Silva
Mar 20, 2017, 2:12:51 PM3/20/17
to flu...@googlegroups.com
I've just replied in Github, but for the record:
If I am not wrong when you enable logstash_format, your Index name will take the proposed one as logstash-YYYY.MM.DD, also you should get rid of the index_name key.
If you want to follow logstash format BUT use a different format, take a look to the options logstash_prefix and logstash_dateformat, so you can get your own customized index name.
You can read more about the options here:
https://github.com/uken/fluent-plugin-elasticsearch
If I am not wrong when you enable logstash_format, your Index name will take the proposed one as logstash-YYYY.MM.DD, also you should get rid of the index_name key.
If you want to follow logstash format BUT use a different format, take a look to the options logstash_prefix and logstash_dateformat, so you can get your own customized index name.
You can read more about the options here:
https://github.com/uken/fluent-plugin-elasticsearch
--
You received this message because you are subscribed to the Google Groups "Fluentd Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fluentd+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages