Elasticsearch Output
The ELASTICSEARCH ouput plugin is used to send output to an Elasticsearch cluster.
Parameters
batch_size: OPTIONAL. The size of bulk messages that get sent to Elasticsearch at once. If not specified, the default is 100. The plugin does not wait for the batch to fill before sending to Elasticsearch. If there aren’t as many messages in the output queue waiting to be sent, it will quickly send whatever is waiting.
index: OPTIONAL. The name of the index in Elasticsearch that records will be sent to. If not specified, the default index name is ‘riodb’.
password: REQUIRED. The password of the user.
port: OPTIONAL. The port number that the Elasticsearch cluster is listening on. If not provided, the default is 9200.
queue_capacity: OPTIONAL. If a remote ELASTICSEARCH server is not responding, or taking too long to respond, request could begin to pile up. RioDB is used in a variety of high-performance use cases, so there could be a use-case where you would pile up a queue of millions of requests waiting to be sent. The queue_capacity sets a limit to prevent JVM running out of memory.
url: REQUIRED. The url to the Elasticsearch cluster. Like ‘mycluster.mydomain.com’, or ‘localhost’.
user: REQUIRED. The username that will be used to authenticate to Elasticsearch to insert documents into the specified index.
workers: OPTIONAL. How many CPU threads to handle making ELASTICSEARCH requests. The default is 1, and usually that’s all you need.
Syntax
OUTPUT ELASTICSEARCH (
batch_size <integer>
index <string>
password <string>
port <integer>
queue_capacity <integer>
url <string>
user <string>
workers <integer>Example
A simple output posting JSON payload tolocalhost:9200:
SELECT session_id, session_status
FROM mystream
OUTPUT ELASTICSEARCH (
index 'session-logs'
password 'Someth1ng!'
port 9200
url 'localhost'
user 'riodb-wr'
)
FORMATTER json ();Tip: Since Elasticsearch deals with JSON documents, you probably always want to use the JSON formatter.