[graylog2] Re: How do I set stopwords in server.conf

Tue, 10 Jan 2017 05:39:46 -0800 

I copied the graylog-internal template. and upload a custom graylog 
template ,and only add one row like these

{
  "order": 0,
  "template": "graylog_*",
  "settings": {
    "index": {
      "analysis": {
        "analyzer": {
          "analyzer_stop": {
            "filter": {
              "my_stop": {
                "type": "stop",
                "stopwords": [
                  ",",
                  " "
                ]
              }
            },
            "tokenizer": "standard"
          }
        }
      }
    }
  },
  "mappings": {
    "message": {
      "_source": {
        "enabled": true
      },
      "dynamic_templates": [
        {
          "internal_fields": {
            "mapping": {
              "index": "not_analyzed",
              "type": "string"
            },
            "match": "gl2_*"
          }
        },
        {
          "store_generic": {
            "mapping": {
              "index": "not_analyzed"
            },
            "match": "*"
          }
        }
      ],
      "properties": {
        "full_message": {
          "analyzer": "analyzer_stop",
          "index": "analyzed",
          "type": "string"
        },
        "streams": {
          "index": "not_analyzed",
          "type": "string"
        },
        "source": {
          "analyzer": "analyzer_keyword",
          "index": "analyzed",
          "type": "string"
        },
        "message": {
          "analyzer": "standard",
          "index": "analyzed",
          "type": "string"
        },
        "timestamp": {
          "format": "yyyy-MM-dd HH:mm:ss.SSS",
          "type": "date"
        }
      }
    }
  },
  "aliases": {}
}

ps: add 'analyzer_stop' and put it on full_message which I want.

Then I generate a new index, It doesn't take affect.

在 2017年1月10日星期二 UTC+8下午6:01:46,Jochen Schalanda写道:
>
> Hi,
>
> On Tuesday, 10 January 2017 09:56:55 UTC+1, Zhiyuan Lei wrote:
>>
>> but graylog doesn't have an option to set the pattern. It only can set 
>> elasticsearch_analyzer.
>>
>
> Correct, but you can use custom index templates for this, see 
> http://docs.graylog.org/en/2.1/pages/configuration/elasticsearch.html#custom-index-mappings
>  
> for details.
>  
>
>> extractors seem not fit with this situation.
>>
>
> In my opinion extractors do exactly fit your use case.
>
> Cheers,
> Jochen
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/a57f88ba-fd98-4507-ab45-e60b9cae98f0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to