-
Notifications
You must be signed in to change notification settings - Fork 5.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Elasticsearch 5.x output #2332
Merged
Merged
Changes from 11 commits
Commits
Show all changes
19 commits
Select commit
Hold shift + click to select a range
648e50b
Add Elasticsearch 5.x output
lpic10 9ea4d6a
Minor change on README.md
lpic10 7e494b5
Use time.Format() instead
lpic10 d1951a8
Fix issue with template generation
lpic10 e0ebc34
Updates to README.md and config sample
lpic10 d786c6b
Return on not supported ES version
lpic10 bf75c21
Fix ES template
lpic10 8f56697
Use UTC for index creation
lpic10 14d6ed2
Small changes
lpic10 866ce6c
Merge branch 'master' of telegraf into es_support
lpic10 2f94c95
Update index template doc
lpic10 8dd92ab
Change field input_plugin to measurement_name
lpic10 959638a
few improvements
lpic10 a6cfae2
Several updates, added timeout on ES connection
lpic10 debe2e9
Change sniffing to false by default and other formatting fixes
lpic10 4506936
Truncate big values before inserting
lpic10 0e07a9b
Attempt to fix issues with ES dynamic field mapping
lpic10 d9ee5d9
Reverting to previous implementation
lpic10 beb9390
Improved tests & README
lpic10 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,178 @@ | ||
| ## Elasticsearch Output Plugin for Telegraf | ||
|
|
||
| This plugin writes to [Elasticsearch](https://www.elastic.co) via HTTP using Elastic (http://olivere.github.io/elastic/). | ||
|
|
||
| It only supports Elasticsearch 5.x series currently. | ||
|
|
||
| ## Elasticsearch indexes and templates | ||
|
|
||
| ### Indexes per time-frame | ||
|
|
||
| This plugin can manage indexes per time-frame, as commonly done in other tools with Elasticsearch. | ||
|
|
||
| The timestamp of the metric collected will be used to decide the index destination. | ||
|
|
||
| For more information about this usage on Elasticsearch, check https://www.elastic.co/guide/en/elasticsearch/guide/master/time-based.html#index-per-timeframe | ||
|
|
||
| ### Template management | ||
|
|
||
| Index templates are used in Elasticsearch to define settings and mappings for the indexes and how the fields should be analyzed. | ||
| For more information on how this works, see https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-templates.html | ||
|
|
||
| This plugin can create a working template for use with telegraf metrics. It uses Elasticsearch dynamic templates feature to set proper types for the tags and metrics fields. | ||
| If the template specified already exists, it will not overwrite unless you configure this plugin to do so. | ||
|
|
||
| Example of an index template created by telegraf: | ||
|
|
||
| ```json | ||
| { | ||
| "order": 0, | ||
| "template": "telegraf-*", | ||
| "mappings": { | ||
| "_default_": { | ||
| "dynamic_templates": [ | ||
| { | ||
| "tags": { | ||
| "path_match": "tag.*", | ||
| "mapping": { | ||
| "ignore_above": 512, | ||
| "type": "keyword" | ||
| }, | ||
| "match_mapping_type": "string" | ||
| } | ||
| }, | ||
| { | ||
| "metrics": { | ||
| "mapping": { | ||
| "index": false, | ||
| "type": "float" | ||
| }, | ||
| "match_mapping_type": "long" | ||
| } | ||
| } | ||
| ], | ||
| "_all": { | ||
| "enabled": false | ||
| }, | ||
| "properties": { | ||
| "input_plugin": { | ||
| "type": "keyword" | ||
| }, | ||
| "@timestamp": { | ||
| "type": "date" | ||
| } | ||
| } | ||
| } | ||
| } | ||
| } | ||
|
|
||
| ``` | ||
|
|
||
| ### Example events: | ||
|
|
||
| This plugin will format the events in the following way: | ||
|
|
||
| ```json | ||
| { | ||
| "@timestamp": "2017-01-01T00:00:00+00:00", | ||
| "input_plugin": "cpu", | ||
| "cpu": { | ||
| "usage_guest": 0, | ||
| "usage_guest_nice": 0, | ||
| "usage_idle": 71.85413456197966, | ||
| "usage_iowait": 0.256805341656516, | ||
| "usage_irq": 0, | ||
| "usage_nice": 0, | ||
| "usage_softirq": 0.2054442732579466, | ||
| "usage_steal": 0, | ||
| "usage_system": 15.04879301548127, | ||
| "usage_user": 12.634822807288275 | ||
| }, | ||
| "tag": { | ||
| "cpu": "cpu-total", | ||
| "host": "elastichost", | ||
| "dc": "datacenter1" | ||
| } | ||
| } | ||
| ``` | ||
|
|
||
| ```json | ||
| { | ||
| "@timestamp": "2017-01-01T00:00:00+00:00", | ||
| "input_plugin": "system", | ||
| "system": { | ||
| "load1": 0.78, | ||
| "load15": 0.8, | ||
| "load5": 0.8, | ||
| "n_cpus": 2, | ||
| "n_users": 2 | ||
| }, | ||
| "tag": { | ||
| "host": "elastichost", | ||
| "dc": "datacenter1" | ||
| } | ||
| } | ||
| ``` | ||
|
|
||
| ### Configuration: | ||
|
|
||
| ```toml | ||
| # Configuration for Elasticsearch to send metrics to. | ||
| [[outputs.elasticsearch]] | ||
| ## The full HTTP endpoint URL for your Elasticsearch instance | ||
| ## Multiple urls can be specified as part of the same cluster, | ||
| ## this means that only ONE of the urls will be written to each interval. | ||
| urls = [ "http://node1.es.example.com:9200" ] # required. | ||
| ## Set to true to ask Elasticsearch a list of all cluster nodes, | ||
| ## thus it is not necessary to list all nodes in the urls config option | ||
| enable_sniffer = true | ||
| ## Set the interval to check if the nodes are available, in seconds. | ||
| ## Setting to 0 will disable the health check (not recommended in production) | ||
| health_check_interval = 10 | ||
| ## HTTP basic authentication details (eg. when using Shield) | ||
| # username = "telegraf" | ||
| # password = "mypassword" | ||
|
|
||
| # Index Config | ||
| ## The target index for metrics (Elasticsearch will create if it not exists). | ||
| ## You can use the date specifiers below to create indexes per time frame. | ||
| ## The metric timestamp will be used to decide the destination index name | ||
| # %Y - year (2016) | ||
| # %y - last two digits of year (00..99) | ||
| # %m - month (01..12) | ||
| # %d - day of month (e.g., 01) | ||
| # %H - hour (00..23) | ||
| index_name = "telegraf-%Y.%m.%d" # required. | ||
|
|
||
| ## Template Config | ||
| ## Set to true if you want telegraf to manage its index template. | ||
| ## If enabled it will create a recommended index template for telegraf indexes | ||
| manage_template = true | ||
| ## The template name used for telegraf indexes | ||
| template_name = "telegraf" | ||
| ## Set to true if you want to overwrite an existing template | ||
| overwrite_template = false | ||
| ``` | ||
|
|
||
| ### Required parameters: | ||
|
|
||
| * `urls`: A list containing the full HTTP URL of one or more nodes from your Elasticsearch instance. | ||
| * `index_name`: The target index for metrics. You can use the date specifiers below to create indexes per time frame. | ||
|
|
||
| ``` | ||
| %Y - year (2017) | ||
| %y - last two digits of year (00..99) | ||
| %m - month (01..12) | ||
| %d - day of month (e.g., 01) | ||
| %H - hour (00..23) | ||
| ``` | ||
|
|
||
| ### Optional parameters: | ||
|
|
||
| * `enable_sniffer`: Set to true to ask Elasticsearch a list of all cluster nodes, thus it is not necessary to list all nodes in the urls config option. | ||
| * `health_check_interval`: Set the interval to check if the nodes are available, in seconds. Setting to 0 will disable the health check (not recommended in production). | ||
| * `username`: The username for HTTP basic authentication details (eg. when using Shield). | ||
| * `password`: The password for HTTP basic authentication details (eg. when using Shield). | ||
| * `manage_template`: Set to true if you want telegraf to manage its index template. If enabled it will create a recommended index template for telegraf indexes. | ||
| * `template_name`: The template name used for telegraf indexes. | ||
| * `overwrite_template`: Set to true if you want to overwrite an existing template. | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not super familiar with ES best practices, but this seems a bit redundant to me. Why put
"input_plugin": "cpu"in the top-level of the metric if you already have the name of the plugin in"cpu": ...?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's to make possible/easier to query/filter for metrics from a particular input. It is not so easy/convenient to query for field names in ES. It can be done by issuing a terms query on _field_names, but I don't know how to do this in grafana/kibana for example (or even if it is possible to do).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In that case, shouldn't we put a "measurement_name" field in the ES metric? seems like this is more useful than the plugin name. There are many plugins that write more than one measurement name.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, makes sense. Actually I think the current "input_plugin" is already the measurement name, it comes from
metric.Name(). I will change the name of the field.