CODEWITHSUNDEEP
elasticsearchgetlogstashelastic-stacklogstash-file
Danyal Danish
Danyal Danish

Reputation: 11

Using http_poller to request something from an elasticsearch host that's not local

I want to ask if there is a way we can use http_poller to request something from an elasticsearch host that's not local. Like this below:

input {
  http_poller {
    urls => {
      es_data => {
        method => get
        url => "https://your-elasticsearch-domain:9200/earthquake-3/_search"
        headers => {
          Accept => "application/json"
          'Content-Type' => 'application/json'
        }
        body => '{
          "sort": [
            {
              "DateTime": {
                "order": "desc"
              }
            }
          ],
          "query": {
            "match_all": {}
          },
          "size": 1
        }'
        auth => {
          user => "https://learningmachinelearning.es.us-central1.gcp.cloud.es.io:9243"
          password => ""
        }
      }
    }
    request_timeout => 60
    schedule => { every => "5m" }
    codec => "json"
  }
}
output {
  stdout {
    codec => rubydebug
  }
}

It gives me this on output. I know this works on local but is there a way to make this work on a different elasticsearch host

{
          "tags" => [
        [0] "_http_request_failure"
    ],
         "event" => {
        "duration" => 1180000
    },
         "error" => {
        "stack_trace" => nil,
            "message" => "No such host is known (your-elasticsearch-domain)"
    },
          "host" => {
        "hostname" => "DESKTOP-D13AKCK"
    },
           "url" => {
        "full" => "https://your-elasticsearch-domain:9200/earthquake-3/_search"
    },
      "@version" => "1",
    "@timestamp" => 2024-05-23T10:21:57.253296800Z,
          "http" => {
        "request" => {
            "method" => "get"
        }
    }
}

Is there a way to access an elasticsearch host through http_poller. Also, let me explain why I was trying to do it, I actually wanted to sort and retrieve the result of a query. I wasn't able to sort it any other way, this approach worked on local but I haven't figured a way to do this on a cloud elasticsearch. Let me know if it's something that's possible through http_poller or not.

Upvotes: 0

Views: 57

Answers (1)

Sagar Patel
Sagar Patel

Reputation: 5486

Below is sample example of elasticsearch input plugin. This will used same query which you have mentioned in above question:

input {
      elasticsearch {
        hosts => "https://your-elasticsearch-domain:9200"
        index => "earthquake-3"
        query => '{"sort":[{"DateTime":{"order":"desc"}}],"query":{"match_all":{}},"size":1}'
        schedule => { cron => "*/5 * * * * UTC"}
      }
    }
output {
  stdout {
    codec => rubydebug
  }
}

Upvotes: 0

Related Questions