API tools faq
paste
Guest User

Untitled

a guest
Oct 23rd, 2018
83
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.10 KB | None | 0 0
raw download clone embed print report
  1. # Add a test document to the index
  2.  
  3. PUT index-2018-08-09/logs_2/AWUbrXRdjZ-987654akh
  4. {
  5. "datetime_log": "2018-08-09T00:34:36.051+02:00",
  6. "datetime_receive": "2018-08-09T00:34:36.051+02:00",
  7. "group": "DEFAUT",
  8. "ip_host": "22.33.44.55",
  9. "ip_host_pkt": "22.33.44.55",
  10. "source_msg": "22.33.44.55: -Trashback= XXXXXXXXX XXXXXXXXXX XXXXXXXXX 8002DAD8 YYYYYYYY ZZZZZZZZZ UUUUUUUU IIIIIIIIII",
  11. "unix_level": "local7",
  12. "unix_priority": "crit"
  13. }
  14.  
  15. # Create an Ingest Pipeline to rename and remove fields
  16. PUT _ingest/pipeline/rename_fields
  17. {
  18. "description": "rename (datetime_receive,ip_host_pkt,source_msg) and renamed them to date,host,message)",
  19. "processors": [
  20. {"rename": {"field": "datetime_receive","target_field": "date"}},
  21. {"rename": {"field": "ip_host_pkt","target_field": "host"}},
  22. {"rename": {"field": "source_msg","target_field": "message"}},
  23. {"remove": {"field": "unix_priority"}}
  24. ]
  25. }
  26.  
  27. # Test the pipeline before making any changes to the indices
  28. POST _ingest/pipeline/rename_fields/_simulate
  29. {
  30. "docs" : [
  31. { "_source": {
  32. "datetime_log": "2018-08-09T00:34:36.051+02:00",
  33. "datetime_receive": "2018-08-09T00:34:36.051+02:00",
  34. "group": "DEFAUT",
  35. "ip_host": "22.33.44.55",
  36. "ip_host_pkt": "22.33.44.55",
  37. "source_msg": "22.33.44.55: -Trashback= XXXXXXXXX XXXXXXXXXX XXXXXXXXX 8002DAD8 YYYYYYYY ZZZZZZZZZ UUUUUUUU IIIIIIIIII",
  38. "unix_level": "local7",
  39. "unix_priority": "crit"
  40. } }
  41. ]
  42. }
  43.  
  44. # Expected result:
  45. {
  46. "docs": [
  47. {
  48. "doc": {
  49. "_index": "_index",
  50. "_type": "_type",
  51. "_id": "_id",
  52. "_source": {
  53. "unix_level": "local7",
  54. "date": "2018-08-09T00:34:36.051+02:00",
  55. "datetime_log": "2018-08-09T00:34:36.051+02:00",
  56. "ip_host": "22.33.44.55",
  57. "host": "22.33.44.55",
  58. "message": "22.33.44.55: -Trashback= XXXXXXXXX XXXXXXXXXX XXXXXXXXX 8002DAD8 YYYYYYYY ZZZZZZZZZ UUUUUUUU IIIIIIIIII",
  59. "group": "DEFAUT"
  60. },
  61. "_ingest": {
  62. "timestamp": "2018-10-23T12:52:42.444138Z"
  63. }
  64. }
  65. }
  66. ]
  67. }
  68.  
  69. # Send all the documents in the index through the pipleine to a new index
  70. POST _reindex
  71. {
  72. "source": {
  73. "index": "index-2018-08-09"
  74. },
  75. "dest": {
  76. "index": "index-2018-08-09-new",
  77. "pipeline": "rename_fields"
  78. }
  79. }
  80.  
  81. # check the result
  82. GET index-2018-08-09-new/logs_2/AWUbrXRdjZ-987654akh
  83.  
  84. # returned document is:
  85. {
  86. "_index": "index-2018-08-09-new",
  87. "_type": "logs_2",
  88. "_id": "AWUbrXRdjZ-987654akh",
  89. "_version": 2,
  90. "found": true,
  91. "_source": {
  92. "date": "2018-08-09T00:34:36.051+02:00",
  93. "datetime_log": "2018-08-09T00:34:36.051+02:00",
  94. "message": "22.33.44.55: -Trashback= XXXXXXXXX XXXXXXXXXX XXXXXXXXX 8002DAD8 YYYYYYYY ZZZZZZZZZ UUUUUUUU IIIIIIIIII",
  95. "unix_level": "local7",
  96. "ip_host": "22.33.44.55",
  97. "host": "22.33.44.55",
  98. "group": "DEFAUT"
  99. }
  100. }
  101.  
  102. # You can also update the document IN THE ORIGINAL INDEX (USE WITH EXTRA CARE) using the "_update_by_query" endpoint
  103.  
  104. # This request will apply the pipeline to ALL documents in the original index
  105. POST index-2018-08-09/_update_by_query?pipeline=rename_fields
  106.  
  107. # check the result
  108. GET index-2018-08-09/logs_2/AWUbrXRdjZ-987654akh
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!