Elasticsearch
Overview
Based on the ElasticSearch destination of AxoSyslog core.
Example
apiVersion: logging.banzaicloud.io/v1beta1
kind: SyslogNGOutput
metadata:
  name: elasticsearch
spec:
  elasticsearch:
    url: "https://elastic-search-endpoint:9200/_bulk"
    index: "indexname"
    type: ""
    user: "username"
    password:
      valueFrom:
        secretKeyRef:
          name: elastic
          key: password
Configuration
(HTTPOutput, required)
custom_id (string, optional)
The document ID. If no ID is specified, a document ID is automatically generated.
disk_buffer (*DiskBuffer, optional)
This option enables putting outgoing messages into the disk buffer of the destination to avoid message loss in case of a system failure on the destination side. For details, see the Syslog-ng DiskBuffer options.
Default: false
index (string, optional)
Name of the data stream, index, or index alias to perform the action on.
logstash_prefix (string, optional)
Set the prefix for logs in logstash format. If set, then the Index field will be ignored.
logstash_prefix_separator (string, optional)
Set the separator between LogstashPrefix and LogStashDateformat. Default: “-”
logstash_suffix (string, optional)
Set the suffix for logs in logstash format.
Default: ${YEAR}.${MONTH}.${DAY}
template (string, optional)
The template to format the record itself inside the payload body.
type (*string, optional)
The document type associated with the operation. Elasticsearch indices now support a single document type: _doc
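The following manifest is an added example, not part of the original page or the project's own documentation. It combines the logstash_* options described above with the Secret that the secretKeyRef in the example points to. The resource name es-daily, the prefix app-logs, the logging namespace and the password placeholder are constructed for illustration.

```yaml
# Secret holding the Elasticsearch password, so that it never appears
# in the SyslogNGOutput manifest itself.
apiVersion: v1
kind: Secret
metadata:
  name: elastic
  namespace: logging          # assumption: same namespace as the output below
type: Opaque
stringData:
  password: "<placeholder-password>"   # placeholder, replace out of band
---
apiVersion: logging.banzaicloud.io/v1beta1
kind: SyslogNGOutput
metadata:
  name: es-daily              # constructed name
  namespace: logging          # constructed namespace
spec:
  elasticsearch:
    url: "https://elastic-search-endpoint:9200/_bulk"
    # index is left out on purpose: it is ignored once logstash_prefix is set.
    logstash_prefix: "app-logs"
    # The next two values are the documented defaults, written out for clarity.
    logstash_prefix_separator: "-"
    logstash_suffix: "${YEAR}.${MONTH}.${DAY}"
    type: ""
    user: "username"
    password:
      valueFrom:
        secretKeyRef:
          name: elastic       # must match the Secret's metadata.name
          key: password       # must match the key under stringData
```

With these settings, the option descriptions above imply index names of the form app-logs-<year>.<month>.<day>, that is, prefix, separator, then the date suffix.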