Skip to content

Figure out how to route documents to a different data stream in Elasticsearch #42

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
zmoog opened this issue Jul 25, 2023 · 1 comment
Open

Figure out how to route documents to a different data stream in Elasticsearch #42

zmoog opened this issue Jul 25, 2023 · 1 comment
Assignees
@zmoog
Labels
research topic:elastic

Comments

@zmoog
Copy link
Owner

zmoog commented Jul 25, 2023
edited
Loading

Elastic introduced rhe reroute processor with elastic/elasticsearch#76511 and it is available since 8.8.0.

I want to explore how to use the new Elasticsearch rerouting capabilities to support new use cases and bring more value to end users.
@zmoog zmoog self-assigned this Jul 25, 2023
@zmoog zmoog added the research label Jul 25, 2023
@zmoog zmoog added this to Notes Jul 25, 2023
@zmoog
Copy link
Owner Author

zmoog commented Jul 25, 2023

Basic example of a pipeline that routes document based on Kubernetes labels:

---
description: Pipeline for Kubernetes container logs
processors:
  - reroute:
      dataset:
        - '{{kubernetes.labels.elastic_co/dataset}}'
        - '{{data_stream.dataset}}'
      namespace:
        - '{{kubernetes.labels.elastic_co/namespace}}'
        - '{{data_stream.namespace}}'

The dataset and namespace can be a single value or and array. It will use the first valid value in the list.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zmoog zmoog

Labels
research topic:elastic
Projects
Notes
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zmoog