How to get only deltas in elasticsearch input

francieliton_araujo · September 8, 2021, 8:02pm

I would like to know how I do something like jdbc-input, that the query is always the most recent, but this using elaticsearch_input.
if it is not possible, please help me to build a query that returns everything from the last 6 months for example, follow my input

input {
      elasticsearch {
        hosts => "localhost"
        index => "XXXXXXX*"
        query => '{ "query": { "query_string": { "query": "*" } } }'
        size => 500
        scroll => "5m"
     
      }
}

dadoonet · September 8, 2021, 8:41pm

You should use a range query for this.

system · October 6, 2021, 8:41pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Achieve incremental query for Elasticsearch Input Plugin Logstash	1	756	February 7, 2019
Limit input data to recent data only, like Last 24 hours Logstash	3	760	February 19, 2018
Last_value for elasticsearch input plugin Logstash	2	575	November 1, 2018
Elasticsearch input login - read only new documents Logstash	1	556	January 15, 2020
Tail database table entries Logstash	3	864	April 11, 2017

How to get only deltas in elasticsearch input

Related topics