logstash 简介

logstash 简介

1、下载及启动

1
https://www.elastic.co/cn/downloads/logstash  # 下载地址

解压后进入该目录,将写好的配置文件放进 bin 文件夹

文件如下

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
input {
  file {
    path => "/Users/zhangweijie/ELK/logstash-7.5.2/bin/movies.csv"
    start_position => "beginning"
    sincedb_path => "/dev/null"
  }
}
filter {
  csv {
    separator => ","
    columns => ["id","content","genre"]
  }

  mutate {
    split => { "genre" => "|" }
    remove_field => ["path", "host","@timestamp","message"]
  }

  mutate {

    split => ["content", "("]
    add_field => { "title" => "%{[content][0]}"}
    add_field => { "year" => "%{[content][1]}"}
  }

  mutate {
    convert => {
      "year" => "integer"
    }
    strip => ["title"]
    remove_field => ["path", "host","@timestamp","message","content"]
  }

}
output {
   elasticsearch {
     hosts => "http://localhost:9200"
     index => "movies"
     document_id => "%{id}"
   }
  stdout {}
}

启动

1
sudo ./logstash -f logstash.conf
大数据 ELK
ELK logstash

本博客所有文章除特别声明外,均采用 CC BY-SA 4.0 协议 ,转载请注明出处!