NSK
April 4, 2017, 2:22pm
1
Hello All - I am trying to ingest Oracle Data into Elasticsearch. Here is the data structure
number number_type Comments
and wanted to see the output as nested objects
How do I parse the NUMBER_TYPE and COMMENTS column in Nested objects through logstash filters.
I read in a blog, where it talked about mutate filter option but really not sure how to use them in the logstash conf file.
Any pointers or examples on handling outer joins in logstash are greatly appreciated.
How do I parse the NUMBER_TYPE and COMMENTS column in Nested objects through logstash filters.
I read in a blog, where it talked about mutate filter option but really not sure how to use them in the logstash conf file.
Use a mutate filter and its rename option. There's an example in the filter's documentation. To created a nested field, use the [field][subfield] syntax described here: Accessing event data and fields | Logstash Reference [8.11] | Elastic
NSK
April 16, 2017, 9:29pm
3
Thanks for the response.
I did try the rename option, however the hlog_comments fields is not getting displayed.
filter {
NSK
April 16, 2017, 9:30pm
4
hlog_comment is the nested object.
Please show what you get from a stdout { codec => rubydebug } output so we can see exactly what your events look like.
system
May 16, 2017, 5:30am
6
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.