I'm using http_poller to get data from Webservice. I'm not sure if its able to connect the webservice
Config file
input {
http_poller {
urls => {
myurl => "https://abc.com/SWS/incidents.asmx/GetSev"
}
codec => "plain"
cacert => "sampl.pem"
truststore => "downloaded_truststore.jks"
truststore_password => "abc"
schedule => { cron => "* * * * * UTC"}
}
}
output
{
elasticsearch
{
index => "Severity"
}
}
Webservice file output
<?xml version="1.0" encoding="ISO-8859-1"?>
<ArrayOfSeverity xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<Severity>
<SeverityName>Informational</SeverityName>
</Severity>
<Severity>
<SeverityName>Warning</SeverityName>
</Severity>
<Severity>
<SeverityName>Critical</SeverityName>
</Severity>
<Severity>
<SeverityName>Emergency</SeverityName>
</Severity>
</ArrayOfSeverity>
Logstash loads this records in Index
{
"severity": {
"aliases": {},
"mappings": {
"doc": {
"properties": {
"@timestamp": {
"type": "date"
},
"@version": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"http_request_failure": {
"properties": {
"error": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"name": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"request": {
"properties": {
"method": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"url": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
}
}
},
"runtime_seconds": {
"type": "float"
}
}
},
"tags": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
}
}
}
},
"settings": {
"index": {
"creation_date": "1538136360613",
"number_of_shards": "5",
"number_of_replicas": "1",
"uuid": "WR3XUW2vTx-Q8KJTQFEd7Q",
"version": {
"created": "6040199"
},
"provided_name": "severity"
}
}
}
}
Not sure what i'm missing to load the serverityName in Index
Thanks in Advance