Currently I have the following scenario 
I want to dynamically insert a dictionary that replaces the field name , for example, 128 to trade name and similarly others.
I have around 400 such fields.
So I cant hardcode every fieldname .
Suggest me a way to insert the dictinary dynamically.
Thanks,
Regards
Sakshi Aggarwal.
Interesting question! I would do that using ruby.
First, create a JSON dictionary that contains the mapping of field names. For example:
{
"1": "TradeName",
"2": "Foo",
"3": "bar"
}
Then use a ruby filter to do the lookups
ruby {
init => '@d = JSON.parse( File.read( "/path/to/dictionary.json" ) )'
code => '
event.to_hash.each { |k, v|
if @d.has_key?(k)
event.set(@d[k], v)
event.remove(k)
end
}
'
}
Error handling is left as an exercise for the reader.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.