Skip to content

Instantly share code, notes, and snippets.

@zhoutuo

zhoutuo/logstash-template.json

Forked from deverton/logstash-template.json
Last active December 18, 2015 09:18
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save zhoutuo/5759913 to your computer and use it in GitHub Desktop.
Save zhoutuo/5759913 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
logstash-template.json
{
"template": "sfly-preprod-logs-*",
"settings" : {
"number_of_shards" : 5,
"number_of_replicas" : 1,
"index" : {
"query" : { "default_field" : "@message" },
"store" : { "compress" : { "stored" : true, "tv": true } }
}
},
"mappings": {
"_default_": {
"_all": { "enabled": false },
"_source": { "excludes": ["@signature"] },
"_ttl": { "enabled": true, "default": "4w" },
"dynamic_templates": [
{
"string_template" : {
"match" : "*",
"mapping": { "type": "string", "index": "not_analyzed" },
"match_mapping_type" : "string"
}
}
],
"properties" : {
"@fields" : {
"type" : "object",
"dynamic": true,
"path": "full",
"properties" : {
"clientip" : { "type": "ip"}
}
},
"@message" : { "type" : "string", "index" : "analyzed" },
"@source" : { "type" : "string", "index" : "not_analyzed" },
"@source_host" : { "type" : "string", "index" : "not_analyzed" },
"@source_path" : { "type" : "string", "index" : "not_analyzed" },
"@tags": { "type": "string", "index" : "not_analyzed" },
"@timestamp" : { "type" : "date", "index" : "not_analyzed" },
"@type" : { "type" : "string", "index" : "not_analyzed" },
"@signature": { "type" : "string", "index" : "not_analyzed" },
"@checksum" : {"type" : "string", "index" : "not_analyzed" }
}
}
}
}
Raw
set-template.sh
curl -XPUT 'http://localhost:9200/_template/template_logstash/' -d @logstash-template.json
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment