How to use Elasticsearch SQL { XPACK } in Logstash

tusharnemade · October 5, 2020, 1:02pm

Hello

I am using Logstash 7.8.0 with Elasticsearch v7.8.0.

I am using Logstash to extract data from ES Index-1 and inserting into ES Index-2.

I am not finding a way to use Elasticsearch SQL a part of xpack into Logstash input plugin of elasticsearch.

Could you please help me in this.

Note: I have certain conditions and grok filter is required to split data into respective fields in Index-2 hence I am using logstash.

Thanks
Tushar Nemade

Wolfram_Haussig · October 5, 2020, 1:08pm

Hi,

If you have a platinum license you can use the jdbc input plugin of LogStash instead.

Another idea would be to use the http_poller plugin and the SQL REST API

Best regards
Wolfram

tusharnemade · October 5, 2020, 1:10pm

Hi

I do not have Platinum license. Have Basic License.

Can i use these he http_poller plugin and the SQL REST API , with BASIC license.

Thanks
Tushar Nemade

tusharnemade · October 5, 2020, 1:14pm

What i want is : How to specify

"query": "SELECT * FROM library where timestamp > somedate"

in logstash input plugin of elasticsearch

Thanks
Tushar Nemade

Wolfram_Haussig · October 6, 2020, 4:59am

The Elasticsearch SQL-APIs are part of the Basic license

tusharnemade · October 6, 2020, 5:22am

Okay .. Thanks for your response ..

How to specify

"query": "SELECT * FROM library where timestamp > somedate"

in logstash input plugin of elasticsearch

Wolfram_Haussig · October 6, 2020, 5:25am

Please have a look here which had a similar request: Logstash http_poller POST Syntax

tusharnemade · October 6, 2020, 5:29am

Okay , Thanks. I will check and update in here...

Thanks
Tushar Nemade

system · November 3, 2020, 5:29am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.