Elasticsearch

Overview

You can send logs to Elasticsearch via HTTP using our HTTP Data sink.

Data sink configuration

To start sending data to Elasticsearch, follow these steps:

1. Create a new HTTP Data sink. To do it, go to Data sinks > New Data sink and double-click HTTP.

2. Give your Data sink a Name and, optionally, add a Description and some Tags. Click Finish when you're done.

3. Now, drag your Data sink to the required Pipeline canvas. Link it to the required Listener/Action and double-click it to configure it.

4. Fill the following parameters as follows:

| Parameter | Description |
| --- | --- |
| HTTP method* | Choose POST. |
| URL* | Enter <elastic_endpoint>. |
| Message | Choose the field containing the message you wish to send on. |
| Content-Type | Choose your required data type. |
| Support special characters | Set it to true. |
| Use gzip, HTTP headers | Set as required. |

5. In the Bulk configuration section, fill in the parameters as follows:

| Parameter | Description |
| --- | --- |
| Bulk allow* | Set it to true. |
| Delimiter* | Choose Manual delimiter* and leave it as new line (\n). |
| Maximum number of buffers per server URL* | Enter 50. |
| Event amount*, Event time limit* | Set both to 1. |

6. Set the Authentication type* to API key. Enter your API key name* and choose the required API key value*. Create a Secret containing your API key or select one already created.

7. Fill in the rest of the parameters as required, and click Save.
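
One way to verify the configuration before relying on it, as an added example that is not part of the product documentation: a Python check run over one request captured from the Data sink (for instance by pointing the URL at a test listener first). It assumes Elasticsearch's `Authorization: ApiKey <base64 of id:api_key>` header form; the function name, host name, key and event are constructed placeholders.

```python
import base64
import gzip
import json
import zlib

JSON_TYPES = ("application/json", "application/x-ndjson")

def check_sink_request(method, url, headers, body):
    """Return the problems found in one captured sink request (empty list = OK)."""
    problems = []
    h = {k.lower(): v for k, v in headers.items()}
    if method.upper() != "POST":
        problems.append("method is not POST")
    if not url.lower().startswith("https://"):
        problems.append("URL is not https, so the API key is sent in clear text")
    # Assumption: Elasticsearch's form, Authorization: ApiKey base64(id:api_key)
    scheme, _, cred = h.get("authorization", "").partition(" ")
    try:
        ok = scheme == "ApiKey" and b":" in base64.b64decode(cred, validate=True)
    except ValueError:
        ok = False
    if not ok:
        problems.append("Authorization is not 'ApiKey <base64 of id:api_key>'")
    if h.get("content-encoding", "").lower() == "gzip":
        try:
            body = gzip.decompress(body)
        except (OSError, EOFError, zlib.error):
            return problems + ["body is not valid gzip"]
    try:
        # The sink's manual delimiter is a new line, so split events on "\n".
        events = [e for e in body.decode("utf-8").split("\n") if e]
    except UnicodeDecodeError:
        return problems + ["body is not valid UTF-8"]
    if not events:
        problems.append("body contains no events")
    if h.get("content-type", "").split(";")[0].strip().lower() in JSON_TYPES:
        for n, event in enumerate(events, 1):
            try:
                json.loads(event)
            except json.JSONDecodeError:
                problems.append(f"event {n} is not valid JSON")
    return problems

# Constructed sample capture; the endpoint, key id and key are placeholders.
SAMPLE_KEY = base64.b64encode(b"example-id:example-api-key").decode()
SAMPLE_HEADERS = {"Authorization": "ApiKey " + SAMPLE_KEY,
                  "Content-Type": "application/json", "Content-Encoding": "gzip"}
SAMPLE_BODY = gzip.compress(b'{"message": "login failed", "user": "alice"}\n')

if __name__ == "__main__":
    print(check_sink_request("POST", "https://elastic.example/", SAMPLE_HEADERS, SAMPLE_BODY))
```

An empty list means the captured request matches the settings above; each string in the list names one setting to revisit.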
