Bulk Import to Elasticsearch

Biraj_Dhungel · November 7, 2017, 8:39am

Hello,
I have a JSON file of 1 GB Logdata. The format of the file is

{ "index" : { "_index" : "test", "_type" : "type1" } }
{ "field1" : "value1" }
{ "index" : { "_index" : "test", "_type" : "type1" } }
{ "field1" : "value2" }

I have tried increasing the size of file in Bulk Import. I can successfully import Json File up to 160 MB. All the files above the size are not indexed and is ignored by elasticsearch withour giving an error.

How can I send the 1 GB big log data at once to elasticsearch. I cannot break the log file to small piece and send it to Elasticsearch, as it is created automatically by a program.

warkolm · November 7, 2017, 8:45am

How are you sending it to Elasticsearch?

dadoonet · November 7, 2017, 8:53am

I cannot break the log file to small piece and send it to Elasticsearch, as it is created automatically by a program.

You must break it into smaller pieces.

You can use Logstash for this, even a unix script can probably do it.

Biraj_Dhungel · November 7, 2017, 9:03am

Thank you for a quick Reply. As I Early mentioned, the log file is written in a format for a Bulk import.
{ "index" : { "_index" : "test", "_type" : "type1" } }
{ "field1" : "value1" }
{ "index" : { "_index" : "test", "_type" : "type1" } }
{ "field1" : "value2" }

If I use Logstash it must ignore the every odd Lines { "index" : { "_index" : "test", "_type" : "type1" } }.

As I am new to logstash, can I do it easily?

dadoonet · November 7, 2017, 9:31am

I’d just split the file into sub files,
A unix script will do that easily IMO

Biraj_Dhungel · November 7, 2017, 9:35am

curl -XPOST 'elasticsearch:9200/_bulk' -d @test.json

It works for small sized file but my file is more than 1 Gb. Now I am using Logstash and its working fine,

system · December 5, 2017, 9:35am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.