dev195
commented
8 years ago Do you think you can have doc_type defined as a kwarg, too? It'd feel more consistent than having it be the only one that needs to be defined in the decoder.
Closed amm3 closed 8 years ago
dev195
commented
8 years ago Do you think you can have doc_type defined as a kwarg, too? It'd feel more consistent than having it be the only one that needs to be defined in the decoder.
amm3
commented
8 years ago Sure thing. It currently uses the name of the decoder by default (provided it's in the kwargs passed to alert), so the decoder doesn't have to do anything different/specific. But I think it absolutely makes sense to allow override of this with command line args.
dev195
commented
8 years ago Okay, looks good. Since it does use the third-party elasticsearch library, I'll update the Dshell README to mention this.
amm3
commented
8 years ago Thanks. Good call.
This is a new output module for elasticsearch. It works standalone with
--output elasticout,host=ES_HOST,index=INDEXNAME, but I find it also useful to extend the class. This allows for more centralized control over the cluster and dynamic/deterministic index names and doc IDs.