Elasticsearch

    Elasticsearch output plugin supports TTL/SSL, for more details about the properties available and general configuration, please refer to the TLS/SSL section.

    In order to insert records into a Elasticsearch service, you can run the plugin from the command line or through the configuration file:

    The es plugin, can read the parameters from the command line in two ways, through the -p argument (property) or setting them directly through the service URI. The URI format is the following:

    1. $ fluent-bit -i cpu -t cpu -o es://192.168.2.3:9200/my_index/my_type \
    2.     -o stdout -m '*'

    which is similar to do:

    In your main configuration file append the following Input & Output sections:

    1. [INPUT]
    2.     Name  cpu
    5.     Name  es
    6.     Match *
    8.     Port  9200
    9.     Index my_index
    10.     Type  my_type

    Some input plugins may generate messages where the field names contains dots, since Elasticsearch 2.0 this is not longer allowed, so the current es plugin replaces them with an underscore, e.g:

    becomes

    1. {"cpu0_p_cpu"=>17.000000}

    If you see an error message like below, you’ll need to fix your configuration to use a single type on each index.

    Rejecting mapping update to [search] as the final mapping would have more than 1 type

    For details, please read .

    AWS Elasticsearch adds an extra security layer where the HTTP requests we must be signed with AWS Signv4, as of Fluent Bit v1.3 this is not yet supported. At the end of January 2020 with the release of Fluent Bit v1.4 we are adding such feature (among integration with other AWS Services ;) )

    More details about this AWS requirement can be found here: