Blog Post

Azure Data Explorer Blog
12 MIN READ

How to migrate from Elasticsearch to Azure Data Explorer

Guy_Reginiano's avatar
Guy_Reginiano
Icon for Microsoft rankMicrosoft
Sep 01, 2020
Introduction  With an ever-expanding ocean of data, more and more organizations need to perform advanced and fast analytics over their business data, logs, and telemetry while seeking to reduce c...
Updated Apr 10, 2022
Version 26.0
ADX
Azure Data Explorer
Elastic
Elasticsearch
K2Bridge
Kibana
KQL
kusto
Born2Code's avatar
Born2Code
Copper Contributor
May 02, 2022

Below is an example of logstash pipeline to read different indices data and ingest to multiple ADX tables depending on index.

 

input {
  elasticsearch {
	hosts => ["http://localhost:9200"]
	index => "people"
	user => "elastic"
	password => "pwd"
	tags  => ["people"]
	}
  elasticsearch {
	hosts => ["http://localhost:9200"]
	index => "city"
	user => "elastic"
	password => "pwd"
	tags => ["city"]
	}
}

output {	
    if "people" in [tags]{
	 kusto {
	      path => "e:/tmp/kusto/%{+YYYY-MM-dd-HH-mm}.txt"
		ingest_url => "https://elasticingestion.westus.kusto.windows.net"   
		app_id => "aad App Id"
		app_key => "App sercret"
		app_tenant => "App tenant"
        database => "logstash"
		table => "people" 
		json_mapping => "peoplemapping"
	    }
	}
    else if "city" in [tags] {
	 kusto {
	    path => "e:/tmp/kusto/%{+YYYY-MM-dd-HH-mm}.txt"
		ingest_url => "https://elasticingestion.westus.kusto.windows.net"   
		app_id => "aad App Id"
		app_key => "App sercret"
		app_tenant => "App tenant"
        database => "logstash"
		table => "city" 
		json_mapping => "citymapping"
	    }
	}	
}