我想问是否有一种方法可以使用 http_poller 向非本地的 elasticsearch 主机请求某些内容。就像下面这样:
input {
http_poller {
urls => {
es_data => {
method => get
url => "https://your-elasticsearch-domain:9200/earthquake-3/_search"
headers => {
Accept => "application/json"
'Content-Type' => 'application/json'
}
body => '{
"sort": [
{
"DateTime": {
"order": "desc"
}
}
],
"query": {
"match_all": {}
},
"size": 1
}'
auth => {
user => "https://learningmachinelearning.es.us-central1.gcp.cloud.es.io:9243"
password => ""
}
}
}
request_timeout => 60
schedule => { every => "5m" }
codec => "json"
}
}
output {
stdout {
codec => rubydebug
}
}
它给了我这个输出。我知道这可以在本地运行,但是有没有办法让它在不同的 Elasticsearch 主机上运行
{
"tags" => [
[0] "_http_request_failure"
],
"event" => {
"duration" => 1180000
},
"error" => {
"stack_trace" => nil,
"message" => "No such host is known (your-elasticsearch-domain)"
},
"host" => {
"hostname" => "DESKTOP-D13AKCK"
},
"url" => {
"full" => "https://your-elasticsearch-domain:9200/earthquake-3/_search"
},
"@version" => "1",
"@timestamp" => 2024-05-23T10:21:57.253296800Z,
"http" => {
"request" => {
"method" => "get"
}
}
}
有没有办法通过http_poller访问elasticsearch主机。另外,让我解释一下为什么我要尝试这样做,我实际上想对查询结果进行排序和检索。我无法以任何其他方式对其进行排序,这种方法适用于本地,但我还没有找到在云 Elasticsearch 上执行此操作的方法。让我知道这是否可以通过 http_poller 实现。
下面是
elasticsearchinput {
elasticsearch {
hosts => "https://your-elasticsearch-domain:9200"
index => "earthquake-3"
query => '{"sort":[{"DateTime":{"order":"desc"}}],"query":{"match_all":{}},"size":1}'
schedule => { cron => "*/5 * * * * UTC"}
}
}
output {
stdout {
codec => rubydebug
}
}