Logstash Input OpenSearch

• Welcome!
• Project Resources
• Configuration for Logstash Input OpenSearch Plugin
• Code of Conduct
• License
• Copyright

Welcome!

logstash-input-opensearch is a community-driven, open source fork logstash-input-elasticsearch licensed under the Apache v2.0 License. For more information, see opensearch.org.

The logstash-input-opensearch plugin helps to read the search query results performed on an OpenSearch cluster. This is useful for replaying test logs, reindexing, etc. This helps users to periodically schedule ingestion using cron syntax (using schedule configuration setting) or by running the query one time to load data into Logstash.

Project Resources

• Project Website
• Documentation
• Developer Guide
• Need help? Try Forums
• Project Principles
• Contributing to OpenSearch
• Maintainer Responsibilities
• Release Management
• Admin Responsibilities
• Security

Configuration for Logstash Input OpenSearch Plugin

To run the Logstash Input OpenSearch plugin, add following configuration in your logstash.conf file.

input {
    opensearch {
        hosts       => ["hostname:port"]   
        user        => "admin"
        password    => "admin"
        index       => "logstash-logs-%{+YYYY.MM.dd}"
        query       => "{ "query": { "match_all": {}} }"
    }
}

Using the above configuration, the match_all query filter is triggered and data is loaded once.

schedule setting can be used to periodically schedule ingestion using cron syntax.

Example: schedule => "* * * * *" Adding this to the above configuration loads the data every minute.

Code of Conduct

This project has adopted the Amazon Open Source Code of Conduct. For more information see the Code of Conduct FAQ, or contact opensource-codeofconduct@amazon.com with any additional questions or comments.

License

This project is licensed under the Apache v2.0 License.

Copyright

Copyright OpenSearch Contributors. See NOTICE for details.