What's the best way to add some additional information from Logstash to Elasticsearch

CaptainFeng · January 22, 2017, 2:57pm

Hi All

I am a Newbie in using Logstash and Elasticsearch. Recently, I got a job which parse some logs and put them into Elasticsearch. And before putting them in, I need to using information of every line to retrieve external information from MySQL. I want to know what's the best way to do this?

I know I could use the official ruby filter or exec filter(put the query code in a file). But I am not familiar with ruby and I don't know whether use exec filter will make the processing slow.

Could anyone help me?

magnusbaeck · January 22, 2017, 3:01pm

Perhaps you can use the translate filter? While that filter can't look up information in MySQL you might be able to periodically generate static files that the translate filter supports.

system · February 19, 2017, 3:02pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Ruby filter - How to access some elastic index data from a ruby filter Logstash	23	3013	July 24, 2018
Enhance ELK data records with an external source? Logstash	3	576	April 24, 2020
Query database from a filter Logstash	5	1109	July 6, 2017
Using Elasticsearch filter plugin to add information to a index Logstash	2	339	July 6, 2018
Logstash add field based on external source Logstash	3	471	September 14, 2020

What's the best way to add some additional information from Logstash to Elasticsearch

Related topics