What's the best way to add some additional information from Logstash to Elasticsearch

CaptainFeng · January 22, 2017, 2:57pm

Hi All

I am a Newbie in using Logstash and Elasticsearch. Recently, I got a job which parse some logs and put them into Elasticsearch. And before putting them in, I need to using information of every line to retrieve external information from MySQL. I want to know what's the best way to do this?

I know I could use the official ruby filter or exec filter(put the query code in a file). But I am not familiar with ruby and I don't know whether use exec filter will make the processing slow.

Could anyone help me?

magnusbaeck · January 22, 2017, 3:01pm

Perhaps you can use the translate filter? While that filter can't look up information in MySQL you might be able to periodically generate static files that the translate filter supports.

system · February 19, 2017, 3:02pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.