UNCLASSIFIED

Skip to content

GitLab

"ab99c042c017df193dea10d6864a386d9bd882c2/README.md" did not exist on "ab99c042c017df193dea10d6864a386d9bd882c2"
Switch branch/tag
Find file Normal viewHistoryPermalink
README.md 2.75 KB
Newer Older
Al Fontaine's avatar
Initial commit  
Al Fontaine committed
1 2 
# fluentd-elasticsearch
Al Fontaine's avatar
Initial al  
Al Fontaine committed
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 
This is a fluentd container with the fluent-plugin-elasticsearch plugin installed.

For more information, visit https://github.com/uken/fluent-plugin-elasticsearch

## Usage
In your Fluentd configuration, use @type elasticsearch. Additional configuration is optional, default values would look like this:

```
<match my.logs>
  @type elasticsearch
  host localhost
  port 9200
  index_name fluentd
  type_name fluentd
</match>
```
NOTE: type_name parameter will be used fixed _doc value for Elasticsearch 7.

NOTE: type_name parameter will make no effect for Elasticsearch 8.

Index templates
This plugin creates Elasticsearch indices by merely writing to them. Consider using Index Templates to gain control of what get indexed and how. See this example for a good starting point.

## Configuration
### host
```
host user-custom-host.domain # default localhost
```
You can specify Elasticsearch host by this parameter.

Note: Since v3.3.2, host parameter supports builtin placeholders. If you want to send events dynamically into different hosts at runtime with elasticsearch_dynamic output plugin, please consider to switch to use plain elasticsearch output plugin. In more detail for builtin placeholders, please refer to Placeholders section.

### port
```
port 9201 # defaults to 9200
```
You can specify Elasticsearch port by this parameter.

### emit_error_for_missing_id
```
emit_error_for_missing_id true
```
When write_operation is configured to anything other then index, setting this value to true will cause the plugin to emit_error_event of any records which do not include an _id field. The default (false) behavior is to silently drop the records.

### hosts
```
hosts host1:port1,host2:port2,host3:port3
```
You can specify multiple Elasticsearch hosts with separator ",".

If you specify multiple hosts, this plugin will load balance updates to Elasticsearch. This is an elasticsearch-ruby feature, the default strategy is round-robin.

If you specify hosts option, host and port options are ignored.

```
host user-custom-host.domain # ignored
port 9200                    # ignored
hosts host1:port1,host2:port2,host3:port3
```
If you specify hosts option without port, port option is used.

```
port 9200
hosts host1:port1,host2:port2,host3 # port3 is 9200
```
Note: If you will use scheme https, do not include "https://" in your hosts ie. host "https://domain", this will cause ES cluster to be unreachable and you will receive an error "Can not reach Elasticsearch cluster"

Note: Up until v2.8.5, it was allowed to embed the username/password in the URL. However, this syntax is deprecated as of v2.8.6 because it was found to cause serious connection problems (See #394). Please migrate your settings to use the user and password field (described below) instead.

UNCLASSIFIED