I am trying to link postgres with Elasticsearch using logstash. I am see the data in my logstash console.
C:\Users\Admin\Downloads\logstash-6.5.1\bin>logstash -f c:\Users\Admin\Desktop\hardata.config
Sending Logstash logs to C:/Users/Admin/Downloads/logstash-6.5.1/logs which is now configured via log4j2.properties
[2018-12-03T15:44:49,090][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified
[2018-12-03T15:44:49,112][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"6.5.1"}
[2018-12-03T15:44:52,819][WARN ][logstash.outputs.elasticsearch] You are using a deprecated config setting "document_type" set in elasticsearch. Deprecated settings will continue to work, but are sche
duled for removal from logstash in the future. Document types are being deprecated in Elasticsearch 6.0, and removed entirely in 7.0. You should avoid this feature If you have any questions about this
, please visit the #logstash channel on freenode irc. {:name=>"document_type", :plugin=><LogStash::Outputs::ElasticSearch index=>"harinfo", id=>"27c192e63349cbe0fb3bc6bef932d4c411f618d176f29d9a48a2ead
e75968bc1", hosts=>[//localhost:9200], document_type=>"har", enable_metric=>true, codec=><LogStash::Codecs::Plain id=>"plain_1245b0a6-3abd-42f1-92a6-159d8bf05156", enable_metric=>true, charset=>"UTF-8
">, workers=>1, manage_template=>true, template_name=>"logstash", template_overwrite=>false, doc_as_upsert=>false, script_type=>"inline", script_lang=>"painless", script_var_name=>"event", scripted_up
sert=>false, retry_initial_interval=>2, retry_max_interval=>64, retry_on_conflict=>1, action=>"index", ssl_certificate_verification=>true, sniffing=>false, sniffing_delay=>5, timeout=>60, pool_max=>10
00, pool_max_per_route=>100, resurrect_delay=>5, validate_after_inactivity=>10000, http_compression=>false>}
[2018-12-03T15:44:54,413][INFO ][logstash.pipeline ] Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>4, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50}
[2018-12-03T15:44:55,365][INFO ][logstash.outputs.elasticsearch] Elasticsearch pool URLs updated {:changes=>{:removed=>, :added=>[http://localhost:9200/]}}
[2018-12-03T15:44:55,378][INFO ][logstash.outputs.elasticsearch] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>http://localhost:9200/, :path=>"/"}
[2018-12-03T15:44:55,635][WARN ][logstash.outputs.elasticsearch] Restored connection to ES instance {:url=>"http://localhost:9200/"}
[2018-12-03T15:44:55,706][INFO ][logstash.outputs.elasticsearch] ES Output version determined {:es_version=>6}
[2018-12-03T15:44:55,710][WARN ][logstash.outputs.elasticsearch] Detected a 6.x and above cluster: the type event field won't be used to determine the document _type {:es_version=>6}
[2018-12-03T15:44:55,741][INFO ][logstash.outputs.elasticsearch] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["//localhost:9200"]}
[2018-12-03T15:44:55,765][INFO ][logstash.outputs.elasticsearch] Using mapping template from {:path=>nil}
[2018-12-03T15:44:55,787][INFO ][logstash.outputs.elasticsearch] Attempting to install template {:manage_template=>{"template"=>"logstash-", "version"=>60001, "settings"=>{"index.refresh_interval"=>"
5s"}, "mappings"=>{"default"=>{"dynamic_templates"=>[{"message_field"=>{"path_match"=>"message", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false}}}, {"string_fields"=>{"ma
tch"=>"", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false, "fields"=>{"keyword"=>{"type"=>"keyword", "ignore_above"=>256}}}}}], "properties"=>{"@timestamp"=>{"type"=>"date"
}, "@version"=>{"type"=>"keyword"}, "geoip"=>{"dynamic"=>true, "properties"=>{"ip"=>{"type"=>"ip"}, "location"=>{"type"=>"geo_point"}, "latitude"=>{"type"=>"half_float"}, "longitude"=>{"type"=>"half_f
loat"}}}}}}}}
[2018-12-03T15:44:56,233][INFO ][logstash.pipeline ] Pipeline started successfully {:pipeline_id=>"main", :thread=>"#<Thread:0x5c5bcda9 run>"}
[2018-12-03T15:44:56,303][INFO ][logstash.agent ] Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>}
[2018-12-03T15:44:56,749][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
[2018-12-03T15:44:57,760][INFO ][logstash.inputs.jdbc ] (0.018156s) select * from harinfo
{
"duration" => 3,
"@timestamp" => 2018-12-03T10:14:57.849Z,
"parent_url" => "icicibank.com",
"@version" => "1",
"url_id" => 3,
"url" => "image.icicibank.com"
}
{
"duration" => 7,
"@timestamp" => 2018-12-03T10:14:57.848Z,
"parent_url" => "icicibank.com",
"@version" => "1",
"url_id" => 2,
"url" => "login.icicibank.com"
}
{
"duration" => 3,
"@timestamp" => 2018-12-03T10:14:57.850Z,
"parent_url" => "infinity.icicibank.com",
"@version" => "1",
"url_id" => 6,
"url" => "abcdefgh.img"
}
{
"duration" => 2,
"@timestamp" => 2018-12-03T10:14:57.831Z,
"parent_url" => "icicibank.com",
"@version" => "1",
"url_id" => 1,
"url" => "infinity.icicibank.com"
}
{
"duration" => 4,
"@timestamp" => 2018-12-03T10:14:57.850Z,
"parent_url" => "infinity.icicibank.com",
"@version" => "1",
"url_id" => 5,
"url" => "xyzabc.img"
}
{
"duration" => 5,
"@timestamp" => 2018-12-03T10:14:57.850Z,
"parent_url" => "icicibank.com",
"@version" => "1",
"url_id" => 4,
"url" => "icicibank.img"
}
[2018-12-03T15:44:59,817][INFO ][logstash.pipeline ] Pipeline has terminated {:pipeline_id=>"main", :thread=>"#<Thread:0x5c5bcda9 run>"}
http://localhost:9200/harinfo, It is not showing me any data. Only i can see the index.
{"harinfo":{"aliases":{},"mappings":{"har":{"properties":{"@timestamp":{"type":"date"},"@version":{"type":"text","fields":{"keyword":{"type":"keyword","ignore_above":256}}},"duration":{"type":"long"},"parent_url":{"type":"text","fields":{"keyword":{"type":"keyword","ignore_above":256}}},"url":{"type":"text","fields":{"keyword":{"type":"keyword","ignore_above":256}}},"url_id":{"type":"long"}}}},"settings":{"index":{"creation_date":"1543832098147","number_of_shards":"5","number_of_replicas":"1","uuid":"ES-CnDdYQCSAGJonu2ZjEg","version":{"created":"6050199"},"provided_name":"harinfo"}}}}
Data is not showing in Elasticsearch.