How do I tell Elasticsearch to get the column names from the first line of a file?

Question!

I just started using Elasticsearch/logstash.

I have 3 different files with a common id. Each file contains the column names on the first line, for example:

header1,header2,header3,header4
1234,data2,data3,data4
1235,data2,data3,data4
1236,data2,data3,data4

How can I tell Elasticsearch to get the first line as column names?

Also, how can I do some research in Elastic using the common id between the files, for example q:column=data group by id?

By : paksouse


Answers

you can add the below mentioned code in the .confgig file . You have to explicitly mention the column names in the config file .

filter {
csv {
    columns =


Looks like you have csv data. Logstash provides a csv filter, but it doesn't handle header rows.

There is a new csv codec, but it's listed as not ready for production.



This video can help you solving your question :)
By: admin