Elasticsearch Bulk API Output
1. Sample Configuration
filename = "elasticsearch_bulk_api.lua"
message_matcher = "Type == 'nginx'"
ticker_interval = 10 -- flush every 10 seconds or flush_count (50000) messages
memory_limit = 200e6
address = "127.0.0.1"
-- TLS support; only set if you want TLS
ssl_params = {
protocol = "tlsv1_2",
cafile = "/etc/ssl/certs/ca-certificates.crt",
verify = {"peer", "fail_if_no_peer_cert"},
options = {"all", "no_sslv3"}
}
port = 9200
-- set basic auth parameters to enable basic authentication
basic_auth_params = { username = "Aladdin", _password = "open sesame" }
timeout = 10 -- socket timeout
flush_count = 50000
flush_on_shutdown = false
preserve_data = false -- there is no state maintained in this plugin
max_retry = 0 -- number of seconds (retries once per second)
discard_on_error = false -- discard the batch after max_retry + 1 failed attempts to send the batch
abort_on_error = false -- stop this plugin after max_retry + 1 failed attempts to send the batch
-- when setting abort_on_error = true, consider also settings shutdown_on_terminate or remove_checkpoints_on_terminate
-- See the elasticsearch module directory for the various encoders and configuration documentation.
encoder_module = "encoders.elasticsearch.payload"
encoders_elasticsearch_common = {
es_index_from_timestamp = true,
index = "%{Logger}-%{%Y.%m.%d}",
type_name = "%{Type}-%{Hostname}",
}
source code: elasticsearch_bulk_api.lua