How to name elasticsearch index based on time in result set from JDBC input?

elasticheart · January 17, 2017, 5:11am

Hi,

I am using jdbc input having a query like;

SELECT id,name,address,timea,timeb FROM mytable where TO_CHAR(timea,'yyyy-mm-dd') > '2017-01-01' and TO_CHAR(timeb,'yyyy-mm-dd') < '2017-01-16'

I have configured my elasticsearch output like;

index => "myindex-%{+YYYY-MM-dd}"

I was expecting indices like myindex-2017-01-01, myindex-2017-01-02, myindex-2017-01-03 etc. But what I got was a single index myindex-2017-01-17 with all entries inside. I think it took my system date instead of date from query result. How can I achieve indices like I have mentioned?

Thanks in advance..

magnusbaeck · January 17, 2017, 6:29am

Use the date filter to parse one of the date fields and store the result in the @timestamp field.

system · February 14, 2017, 6:29am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Date filter, match, target and index name Logstash	3	1655	July 3, 2019
Best practice index naming Elasticsearch	2	12018	July 5, 2017
How do I create an index name based on a time field that is not the timestamp? Logstash	3	1630	January 15, 2018
Index name from log date not from system time Logstash	5	3319	September 14, 2017
Elastic not creating index daily based on date Logstash	13	2185	July 6, 2020

How to name elasticsearch index based on time in result set from JDBC input?

Related topics