This is what i'm getting in ruby debug output:
"equipment_type" => "%{[parsed][service_event][0][equipment][equipment_type]}",
"equipment_number" => "%{[parsed][service_event][0][equipment][equipment_number]}"
}
What am i doing wrong. Any help is appreciated. Thanks
I removed the target => parsed from my json filter and it is working fine now.
But i'm getting another error because of my timestamp fields. Because some of my timestamp fields are null for some events (for eg: when my event gets created i will get value in "open_time" field and my "completed_time" gets null value until the events gets completed). So, in this case how to resolve? any suggestions.
Thanks.
you will have to use conditionals to check for not null before applying mutations. add_field will add arbitrary values, so if the value is null, it will add the reference to the value
Thanks @ptamba. I have one more query on array type json. In my case i'm getting the array json dynamically.
for eg.., 1st event==>"service_lines" => [
[0] {
"aar" => {
"category" => {
"id" => 42,
"name" => "Tires"
},
"system" => {
"id" => 1,
"name" => "Tire"
},
"subsystem" => {
"id" => 1,
"name" => "Tire"
},
"service" => {
"id" => 53,
"name" => "Service Call - Tire"
}
},
"id" => 586131,
"is_approved" => nil,
"vmrs" => nil
},
For one event i will get one array and for another i may get 2 or 3 arrays. So, in that case how to parse my json. Any suggestions. Thanks for your help.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.