Hello guys!
I'm trying to use if condition in the elasticsearch section.
I want to write to different indexes depending on ip. what's wrong? 
elasticsearch{
if [node_ip] == "10.6.108.100" or "10.6.108.101"
{
index => "node1-%{+YYYY.MM.dd}"
hosts = > ["elasticsearchhost:9200"]
}
else if [node_ip] == "10.6.108.102" or "10.6.108.103"
{
index => "node2-%{+YYYY.MM.dd}"
hosts = > ["elasticsearchhost:9200"]
}}You can not use conditionals within a plugin. Instead create multiple elasticsearch plugins with the correct config within conditionals.
Another option is to set a field that holds the prefix based on the conditionals and then use this in the index name specification within a single Elasticsearch output plugin.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.