如何根据logstash中的一个索引中的一个参数筛选出记录

1tuwyuhd  于 2021-06-10  发布在  ElasticSearch
关注(0)|答案(1)|浏览(447)
input{
 elasticsearch{
  hosts=>["localhost"]
  index=>"sample_index"
    query=>'{"query":{"match_all":{}}}'
scroll=>"5m"
docinfo=>true
 }
 }filter{
 elasticsearch{
 hosts=>["localhost"]
 index=>"sample_index"
 query=>"NOT(city:delhi)"
   sort=>"code:asc"
  result_size=>5    
   fields=>{
   "code"=>"Code"
  "name"=>"Name"
 "city"=>"City"
"salary"=>"Salary"
}
}
}
output{
elasticsearch{
hosts=>["localhost"]
 index=>"filter_sample_index4"
   }
  }

我就是这样做的。有人知道我哪里做错了吗
我有记录吗 { "sample_index":{ "name":"ABC", "salary":56000, "city":"mumbai" }, { "name":"XYZ", "salary":54400, "city":"DEHI" }, { "name":"QWERTY", "salary":65000, "city":"Delhi" }, { "name":"JACK", "salary":26000, "city":"mumbai" } } 我想要的是基于城市过滤掉索引{“filter\u index”:{“name”:“”,“salary”:56000,“city”:“mumbai”}, {“姓名”:“杰克”,“薪水”:26000,“城市”:“孟买”} }

kuhbmx9i

kuhbmx9i1#

自从 query 参数使用 query_string 查询语法,您可以简单地反转查询,如下所示:

query => "NOT(city:mumbai)"

相关问题