Mapping json with logstash

hi friends

I'm starting now to use elk and for this reason I'm not very experienced. I do not understand where and how to create a template on logstash to map my json.

someone can help me with a practical example. I have already read all about the creation on the template on the reference site as well

but I can not put it into practice
i have this json of example and i want map it correctly.
please can you help me?

{"venue_name":"Daniels Hall",
{"event_name":"Singles dance party at Daniels Hall.",
{"group_topics":[{"urlkey":"never-married","topic_name":"Never Married"},
{"urlkey":"single-parties","topic_name":"Single Parents"},
{"urlkey":"women","topic_name":"Women's Social"},
{"urlkey":"socialnetwork","topic_name":"Social Networking"},
{"urlkey":"dating-and-relationships","topic_name":"Dating and Relationships"},
{"urlkey":"singles-30s-50s","topic_name":"Singles 30's-50's"},
{"urlkey":"divorcesupport","topic_name":"Divorce Support"},
{"urlkey":"singles-dancing","topic_name":"Singles Dancing"},
{"urlkey":"newintown","topic_name":"New In Town"}],
"group_name":"Nottingham NH Singles Dance. Now 172 marriages.",
"member_name":"Michael Yardeny"},
"event":{"event_name":"מפגש קהילת הסטארט אפים ברמת גן",
"topic_name":"Business Strategy"},
"topic_name":"Professional Networking"},
"topic_name":"Social Entrepreneurship"},
"topic_name":"Startup Businesses"},
"topic_name":"Social Innovation"},
"topic_name":"Venture Capital"},
"topic_name":"Business Startup"},
"topic_name":"Design Thinking"},
"topic_name":"Startup Incubation"},
"topic_name":"Technology Startups"}],
"group_city":"Ramat Gan",
"group_name":"StartUp Ramat Gan",

What part are you having trouble understanding? The syntax for the index template? What the point of the template even is? Something else?

I have a set of log files that contain a json that I'll have to analyze.
I managed to extract the interest json correctly from the document.
Now I would like to create with logstash a mapping for this json.

Maybe, should I use something like that?

elasticsearch {
index => "log-%{+YYYY.MM.dd}"
document_type => "json_log"
	 # manage_template => true
	 # template => "E:\Programmi\logstash\bin\elasticsearch-template.json"
	 # template_overwrite => "true"
	codec => json

could it be correct this?
what do I have to write in the file? i dont understand
con you make a little example for my json

Sorry, but this is exactly what the blog post you linked to covers. If you don't understand that text and can't ask specific questions I don't think I'm able to help.

ok please
how i can create template with logstash for my json?
where i can see an example or find info for it?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.