Tutorial ElasticSearch - Importing a CSV file [ Step by Step ]

Would you like to learn how to import a CSV file to ElasticSearch? In this tutorial, we are going to show you how to import a CSV file to an ElasticSearch server using Logstash or Kibana.

• Ubuntu 20
• Ubuntu 19
• Ubuntu 18
• ElasticSearch 7.6.2
• Logstash 7.6.2

In our example, The ElastiSearch server IP address is 192.168.100.9.

In our example, we are going to install Logstash and import a CSV file.

ElasticSearch Related Tutorial:

On this page, we offer quick access to a list of tutorials related to ElasticSearch installation.

Tutorial Logstash – Installation

Use apt-get to install the required packages.

Copy to Clipboard

Find the Java installation directory.

Copy to Clipboard

In our example, Java is installed on the following directory: /usr/lib/jvm/java-11-openjdk-amd64

Create a file to configure the required Java variables.

Copy to Clipboard

Here is the file content.

Copy to Clipboard

Reboot the computer.

Copy to Clipboard

Verify if the system created automatically the environment variable named: JAVA_HOME.

Copy to Clipboard

Here is the command output.

Copy to Clipboard

Download and install the ElasticSearch repository key.

Copy to Clipboard

Add the official ElasticSearch repository to your APT database

Copy to Clipboard

Update the APT-GET database and install the Logstash package.

Copy to Clipboard

Configure the Logstash service to start automatically.

Copy to Clipboard

Congratulations! You have finished the Logstash installation on Ubuntu Linux.

Tutorial ElasticSearch – Importing a CSV file

Create a CSV file.

Copy to Clipboard

Here is our file content.

Copy to Clipboard

In our example, we have a CSV file showing the Bitcoin daily price.

Create a Logstash configuration file.

Copy to Clipboard

Here is our file content.

Copy to Clipboard

Stop the Logstash service.

Copy to Clipboard

Star the Logstash service using the new configuration file.

Copy to Clipboard

Here is the command output.

Copy to Clipboard

{
    "market-price" => 0.0,
        "@version" => "1",
        "datetime" => "datetime",
            "tags" => [
        [0] "_dateparsefailure"
    ],
            "path" => "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
         "message" => "datetime,market-price",
      "@timestamp" => 2020-05-11T01:03:13.387Z,
            "host" => "elasticsearch-01.local"
}
{
    "market-price" => 5657.14,
        "@version" => "1",
        "datetime" => "2019-05-04 00:00:00",
            "path" => "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
         "message" => "2019-05-04 00:00:00,5657.14",
      "@timestamp" => 2019-05-04T03:00:00.000Z,
            "host" => "elasticsearch-01.local"
}
{
    "market-price" => 5771.08,
        "@version" => "1",
        "datetime" => "2019-05-05 00:00:00",
            "path" => "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
         "message" => "2019-05-05 00:00:00,5771.08",
      "@timestamp" => 2019-05-05T03:00:00.000Z,
            "host" => "elasticsearch-01.local"
}
{
    "market-price" => 5717.66,
        "@version" => "1",
        "datetime" => "2019-05-06 00:00:00",
            "path" => "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
         "message" => "2019-05-06 00:00:00,5717.66",
      "@timestamp" => 2019-05-06T03:00:00.000Z,
            "host" => "elasticsearch-01.local"
}
{
    "market-price" => 5684.47,
        "@version" => "1",
        "datetime" => "2019-05-07 00:00:00",
            "path" => "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
         "message" => "2019-05-07 00:00:00,5684.47",
      "@timestamp" => 2019-05-07T03:00:00.000Z,
            "host" => "elasticsearch-01.local"
}

In our example, we imported a CSV file containing 2 fields to ElasticSearch using Logstash.

In our example, we converted the field containing the Bitcoin price to the type numeric float.

In our example, we set the field named DATETIME as the default timestamp.

Verify if the Index was created on the ElasticSearch server.

Copy to Clipboard

Here is the command output.

Copy to Clipboard

Verify if the Bitcoin price was mapped as a numeric value.

Copy to Clipboard

Here is the command output.

Copy to Clipboard

{
  "bitcoin" : {
    "mappings" : {
      "properties" : {
        "@timestamp" : {
          "type" : "date"
        },
        "@version" : {
          "type" : "text",
          "fields" : {
            "keyword" : {
              "type" : "keyword",
              "ignore_above" : 256
            }
          }
        },
        "datetime" : {
          "type" : "text",
          "fields" : {
            "keyword" : {
              "type" : "keyword",
              "ignore_above" : 256
            }
          }
        },
        "host" : {
          "type" : "text",
          "fields" : {
            "keyword" : {
              "type" : "keyword",
              "ignore_above" : 256
            }
          }
        },
        "market-price" : {
          "type" : "float"
        },
        "message" : {
          "type" : "text",
          "fields" : {
            "keyword" : {
              "type" : "keyword",
              "ignore_above" : 256
            }
          }
        },
        "path" : {
          "type" : "text",
          "fields" : {
            "keyword" : {
              "type" : "keyword",
              "ignore_above" : 256
            }
          }
        },
        "tags" : {
          "type" : "text",
          "fields" : {
            "keyword" : {
              "type" : "keyword",
              "ignore_above" : 256
            }
          }
        }
      }
    }
  }
}

In our example, the field named MARKET-PRICE was set as a float number.

List the content of the index named Bitcoin.

Copy to Clipboard

Here is the command output.

Copy to Clipboard

{
  "took" : 0,
  "timed_out" : false,
  "_shards" : {
    "total" : 1,
    "successful" : 1,
    "skipped" : 0,
    "failed" : 0
  },
  "hits" : {
    "total" : {
      "value" : 11,
      "relation" : "eq"
    },
    "max_score" : 1.0,
    "hits" : [
      {
        "_index" : "bitcoin",
        "_type" : "_doc",
        "_id" : "18eP1nEBeI5DkG2uuA6v",
        "_score" : 1.0,
        "_source" : {
          "market-price" : "market-price",
          "host" : "elasticsearch-01.local",
          "@version" : "1",
          "message" : "Timestamp,market-price",
          "path" : "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
          "Timestamp" : "Timestamp",
          "@timestamp" : "2020-05-02T18:04:33.224Z"
        }
      },
      {
        "_index" : "bitcoin",
        "_type" : "_doc",
        "_id" : "2MeP1nEBeI5DkG2uuA6v",
        "_score" : 1.0,
        "_source" : {
          "market-price" : "5657.14",
          "host" : "elasticsearch-01.local",
          "@version" : "1",
          "message" : "2019-05-04 00:00:00,5657.14",
          "path" : "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
          "Timestamp" : "2019-05-04 00:00:00",
          "@timestamp" : "2020-05-02T18:04:33.290Z"
        }
      },
      {
        "_index" : "bitcoin",
        "_type" : "_doc",
        "_id" : "2ceP1nEBeI5DkG2uuA6v",
        "_score" : 1.0,
        "_source" : {
          "market-price" : "5771.08",
          "host" : "elasticsearch-01.local",
          "@version" : "1",
          "message" : "2019-05-05 00:00:00,5771.08",
          "path" : "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
          "Timestamp" : "2019-05-05 00:00:00",
          "@timestamp" : "2020-05-02T18:04:33.292Z"
        }
      },
      {
        "_index" : "bitcoin",
        "_type" : "_doc",
        "_id" : "2seP1nEBeI5DkG2uuA6w",
        "_score" : 1.0,
        "_source" : {
          "market-price" : "5717.66",
          "host" : "elasticsearch-01.local",
          "@version" : "1",
          "message" : "2019-05-06 00:00:00,5717.66",
          "path" : "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
          "Timestamp" : "2019-05-06 00:00:00",
          "@timestamp" : "2020-05-02T18:04:33.298Z"
        }
      },
      {
        "_index" : "bitcoin",
        "_type" : "_doc",
        "_id" : "28eP1nEBeI5DkG2uuA6w",
        "_score" : 1.0,
        "_source" : {
          "market-price" : "5684.47",
          "host" : "elasticsearch-01.local",
          "@version" : "1",
          "message" : "2019-05-07 00:00:00,5684.47",
          "path" : "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
          "Timestamp" : "2019-05-07 00:00:00",
          "@timestamp" : "2020-05-02T18:04:33.298Z"
        }
      },
      {
        "_index" : "bitcoin",
        "_type" : "_doc",
        "_id" : "3MeP1nEBeI5DkG2uuA6w",
        "_score" : 1.0,
        "_source" : {
          "market-price" : "5755.72",
          "host" : "elasticsearch-01.local",
          "@version" : "1",
          "message" : "2019-05-08 00:00:00,5755.72",
          "path" : "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
          "Timestamp" : "2019-05-08 00:00:00",
          "@timestamp" : "2020-05-02T18:04:33.299Z"
        }
      },
      {
        "_index" : "bitcoin",
        "_type" : "_doc",
        "_id" : "3ceP1nEBeI5DkG2uuA6w",
        "_score" : 1.0,
        "_source" : {
          "market-price" : "5936.72",
          "host" : "elasticsearch-01.local",
          "@version" : "1",
          "message" : "2019-05-09 00:00:00,5936.72",
          "path" : "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
          "Timestamp" : "2019-05-09 00:00:00",
          "@timestamp" : "2020-05-02T18:04:33.301Z"
        }
      },
      {
        "_index" : "bitcoin",
        "_type" : "_doc",
        "_id" : "3seP1nEBeI5DkG2uuA6w",
        "_score" : 1.0,
        "_source" : {
          "market-price" : "6146.91",
          "host" : "elasticsearch-01.local",
          "@version" : "1",
          "message" : "2019-05-10 00:00:00,6146.91",
          "path" : "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
          "Timestamp" : "2019-05-10 00:00:00",
          "@timestamp" : "2020-05-02T18:04:33.301Z"
        }
      },
      {
        "_index" : "bitcoin",
        "_type" : "_doc",
        "_id" : "38eP1nEBeI5DkG2uuA6w",
        "_score" : 1.0,
        "_source" : {
          "market-price" : "6348.02",
          "host" : "elasticsearch-01.local",
          "@version" : "1",
          "message" : "2019-05-11 00:00:00,6348.02",
          "path" : "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
          "Timestamp" : "2019-05-11 00:00:00",
          "@timestamp" : "2020-05-02T18:04:33.302Z"
        }
      },
      {
        "_index" : "bitcoin",
        "_type" : "_doc",
        "_id" : "4MeP1nEBeI5DkG2uuA6w",
        "_score" : 1.0,
        "_source" : {
          "market-price" : "7248.31",
          "host" : "elasticsearch-01.local",
          "@version" : "1",
          "message" : "2019-05-12 00:00:00,7248.31",
          "path" : "https://d1ny9casiyy5u5.cloudfront.net/downloads/bitcoin.csv",
          "Timestamp" : "2019-05-12 00:00:00",
          "@timestamp" : "2020-05-02T18:04:33.302Z"
        }
      }
    ]
  }
}

Congratulations! You imported a CSV file to ElasticSearch.

ElasticSearch – Importing a CSV file

ElasticSearch – Importing a CSV file

ElasticSearch Related Tutorial:

Tutorial Logstash – Installation

Tutorial ElasticSearch – Importing a CSV file

Related Posts