You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2022/08/15 07:53:25 UTC
[GitHub] [apisix] hf400159 commented on a diff in pull request #7643: feat: add elasticsearch-logging
hf400159 commented on code in PR #7643:
URL: https://github.com/apache/apisix/pull/7643#discussion_r945458945
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
Review Comment:
can you add some keywords and description?
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
+
+有关 `Apache APISIX` 的 `Batch-Processor` 的更多信息,请参考: [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md)
+
+## 属性
+
+| 名称 | 是否必需 | 默认值 | 描述 |
+| ------------------- | -------- | -------------------- | ------------------------------------------------------------ |
+| endpoint | 必选 | | Elasticsearch 端点配置信息 |
+| endpoint.uri | 必选 | | Elasticsearch API |
+| endpoint.index | 必选 | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | 可选 | Elasticsearch 默认值 | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | 可选 | true | 当设置为 `true` 则允许 SSL 验证,参考 [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake) |
+| endpoint.timeout | 可选 | 10 | 发送给 Elasticsearch 请求超时时间 |
+
+本插件支持使用批处理器来聚合并批量处理条目(日志/数据)。这样可以避免插件频繁地提交数据,默认设置情况下批处理器会每 `5` 秒钟或队列中的数据达到 `1000` 条时提交数据,如需了解或自定义批处理器相关参数设置,请参考 [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md#配置) 配置部分。
Review Comment:
```suggestion
本插件支持使用批处理器来聚合并批量处理条目(日志和数据)。这样可以避免插件频繁地提交数据,默认设置情况下批处理器会每 `5` 秒钟或队列中的数据达到 `1000` 条时提交数据,如需了解或自定义批处理器相关参数设置,请参考 [Batch-Processor](../batch-processor.md#配置) 配置部分。
```
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
+
+有关 `Apache APISIX` 的 `Batch-Processor` 的更多信息,请参考: [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md)
+
+## 属性
+
+| 名称 | 是否必需 | 默认值 | 描述 |
+| ------------------- | -------- | -------------------- | ------------------------------------------------------------ |
+| endpoint | 必选 | | Elasticsearch 端点配置信息 |
+| endpoint.uri | 必选 | | Elasticsearch API |
+| endpoint.index | 必选 | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | 可选 | Elasticsearch 默认值 | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | 可选 | true | 当设置为 `true` 则允许 SSL 验证,参考 [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake) |
+| endpoint.timeout | 可选 | 10 | 发送给 Elasticsearch 请求超时时间 |
+
+本插件支持使用批处理器来聚合并批量处理条目(日志/数据)。这样可以避免插件频繁地提交数据,默认设置情况下批处理器会每 `5` 秒钟或队列中的数据达到 `1000` 条时提交数据,如需了解或自定义批处理器相关参数设置,请参考 [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md#配置) 配置部分。
+
+## 如何开启
+
+下面例子展示了如何为指定路由开启 `elasticsearch-logging` 插件。
+
+### 完整配置
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services",
+ "type": "collector",
+ "timeout": 60,
+ "username": "elastic",
+ "password": "123456",
+ "ssl_verify": false
+ },
+ "buffer_duration":60,
+ "max_retry_count":0,
+ "retry_delay":1,
+ "inactive_timeout":2,
+ "batch_max_size":10
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+### 最小化配置
Review Comment:
```suggestion
### 最小化配置示例
```
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
+
+有关 `Apache APISIX` 的 `Batch-Processor` 的更多信息,请参考: [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md)
+
+## 属性
+
+| 名称 | 是否必需 | 默认值 | 描述 |
+| ------------------- | -------- | -------------------- | ------------------------------------------------------------ |
+| endpoint | 必选 | | Elasticsearch 端点配置信息 |
+| endpoint.uri | 必选 | | Elasticsearch API |
+| endpoint.index | 必选 | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | 可选 | Elasticsearch 默认值 | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | 可选 | true | 当设置为 `true` 则允许 SSL 验证,参考 [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake) |
+| endpoint.timeout | 可选 | 10 | 发送给 Elasticsearch 请求超时时间 |
+
+本插件支持使用批处理器来聚合并批量处理条目(日志/数据)。这样可以避免插件频繁地提交数据,默认设置情况下批处理器会每 `5` 秒钟或队列中的数据达到 `1000` 条时提交数据,如需了解或自定义批处理器相关参数设置,请参考 [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md#配置) 配置部分。
+
+## 如何开启
+
+下面例子展示了如何为指定路由开启 `elasticsearch-logging` 插件。
+
+### 完整配置
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services",
+ "type": "collector",
+ "timeout": 60,
+ "username": "elastic",
+ "password": "123456",
+ "ssl_verify": false
+ },
+ "buffer_duration":60,
+ "max_retry_count":0,
+ "retry_delay":1,
+ "inactive_timeout":2,
+ "batch_max_size":10
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+### 最小化配置
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services"
+ }
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+## 测试插件
+
+- 向配置 `elasticsearch-logging` 插件的路由发送请求
+
+```shell
+$ curl -i http://127.0.0.1:9080/elasticsearch.do?q=hello
+HTTP/1.1 200 OK
+...
+hello, world
+```
+
+- 登录 Kibana 控制台检索查看日志
+
+
+
+## 禁用插件
+
+禁用 `elasticsearch-logging` 插件非常简单,只需将 `elasticsearch-logging` 对应的 `JSON` 配置移除即可。
Review Comment:
```suggestion
当你需要禁用该插件时,可以通过如下命令删除相应的 JSON 配置,APISIX 将会自动重新加载相关配置,无需重启服务:```
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
+
+有关 `Apache APISIX` 的 `Batch-Processor` 的更多信息,请参考: [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md)
+
+## 属性
+
+| 名称 | 是否必需 | 默认值 | 描述 |
+| ------------------- | -------- | -------------------- | ------------------------------------------------------------ |
+| endpoint | 必选 | | Elasticsearch 端点配置信息 |
+| endpoint.uri | 必选 | | Elasticsearch API |
+| endpoint.index | 必选 | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | 可选 | Elasticsearch 默认值 | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | 可选 | true | 当设置为 `true` 则允许 SSL 验证,参考 [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake) |
+| endpoint.timeout | 可选 | 10 | 发送给 Elasticsearch 请求超时时间 |
Review Comment:
Please refer to [http-logger](https://github.com/apache/apisix/blob/master/docs/zh/latest/plugins/http-logger.md) modification.
##########
docs/en/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,143 @@
+---
+title: elasticsearch-logging
+keywords:
+ - APISIX
+ - Plugin
+ - Elasticsearch-logging
+description: This document contains information about the Apache APISIX elasticsearch-logging Plugin.
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## Description
+
+The `elasticsearch-logging` Plugin is used to forward logs to [Elasticsearch](https://www.elastic.co/guide/en/welcome-to-elastic/current/getting-started-general-purpose.html) for analysis and storage.
+
+When the Plugin is enabled, APISIX will serialize the request context information to [Elasticsearch Bulk format](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) and submit it to the batch queue. When the maximum batch size is exceeded, the data in the queue is pushed to Elasticsearch. See [batch processor](../batch-processor.md) for more details.
+
+## Attributes
+
+| Name | Required | Default | Description |
+| ------------------- | -------- | --------------------------- | ------------------------------------------------------------ |
+| endpoint | True | | Elasticsearch endpoint configurations. |
+| endpoint.uri | True | | Elasticsearch API endpoint. |
+| endpoint.index | True | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | False | Elasticsearch default value | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | False | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | False | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | False | true | When set to `true` enables SSL verification as per [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake). |
+| endpoint.timeout | False | 10 | Elasticsearch send data timeout in seconds. |
+
+This Plugin supports using batch processors to aggregate and process entries (logs/data) in a batch. This avoids the need for frequently submitting the data. The batch processor submits data every `5` seconds or when the data in the queue reaches `1000`. See [Batch Processor](../batch-processor.md#configuration) for more information or setting your custom configuration.
+
+## Enabling the Plugin
+
+### Full configuration
+
+The example below shows a complete configuration of the Plugin on a specific Route:
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services",
+ "type": "collector",
+ "timeout": 60,
+ "username": "elastic",
+ "password": "123456",
+ "ssl_verify": false
+ },
+ "buffer_duration":60,
+ "max_retry_count":0,
+ "retry_delay":1,
+ "inactive_timeout":2,
+ "batch_max_size":10
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+### Minimal configuration
Review Comment:
```suggestion
### Minimal configuration example
```
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
Review Comment:
please refer: https://github.com/apache/apisix/blob/master/docs/zh/latest/plugins/http-logger.md
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
+
+有关 `Apache APISIX` 的 `Batch-Processor` 的更多信息,请参考: [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md)
+
+## 属性
+
+| 名称 | 是否必需 | 默认值 | 描述 |
+| ------------------- | -------- | -------------------- | ------------------------------------------------------------ |
+| endpoint | 必选 | | Elasticsearch 端点配置信息 |
+| endpoint.uri | 必选 | | Elasticsearch API |
+| endpoint.index | 必选 | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | 可选 | Elasticsearch 默认值 | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | 可选 | true | 当设置为 `true` 则允许 SSL 验证,参考 [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake) |
+| endpoint.timeout | 可选 | 10 | 发送给 Elasticsearch 请求超时时间 |
+
+本插件支持使用批处理器来聚合并批量处理条目(日志/数据)。这样可以避免插件频繁地提交数据,默认设置情况下批处理器会每 `5` 秒钟或队列中的数据达到 `1000` 条时提交数据,如需了解或自定义批处理器相关参数设置,请参考 [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md#配置) 配置部分。
+
+## 如何开启
+
+下面例子展示了如何为指定路由开启 `elasticsearch-logging` 插件。
Review Comment:
```suggestion
你可以通过如下命令在指定路由上启用 `elasticsearch-logging` 插件:
```
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
+
+有关 `Apache APISIX` 的 `Batch-Processor` 的更多信息,请参考: [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md)
+
+## 属性
+
+| 名称 | 是否必需 | 默认值 | 描述 |
+| ------------------- | -------- | -------------------- | ------------------------------------------------------------ |
+| endpoint | 必选 | | Elasticsearch 端点配置信息 |
+| endpoint.uri | 必选 | | Elasticsearch API |
+| endpoint.index | 必选 | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | 可选 | Elasticsearch 默认值 | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | 可选 | true | 当设置为 `true` 则允许 SSL 验证,参考 [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake) |
+| endpoint.timeout | 可选 | 10 | 发送给 Elasticsearch 请求超时时间 |
+
+本插件支持使用批处理器来聚合并批量处理条目(日志/数据)。这样可以避免插件频繁地提交数据,默认设置情况下批处理器会每 `5` 秒钟或队列中的数据达到 `1000` 条时提交数据,如需了解或自定义批处理器相关参数设置,请参考 [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md#配置) 配置部分。
+
+## 如何开启
Review Comment:
```suggestion
## 启用插件
```
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
+
+有关 `Apache APISIX` 的 `Batch-Processor` 的更多信息,请参考: [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md)
Review Comment:
```suggestion
```
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
Review Comment:
```suggestion
`elasticsearch-logging` 插件用于将 APISIX 的请求日志转发到 Elasticsearch 中进行分析和存储,启用该插件后 Apache APISIX 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 Elaticsearch 中。
```
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
+
+有关 `Apache APISIX` 的 `Batch-Processor` 的更多信息,请参考: [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md)
+
+## 属性
+
+| 名称 | 是否必需 | 默认值 | 描述 |
+| ------------------- | -------- | -------------------- | ------------------------------------------------------------ |
+| endpoint | 必选 | | Elasticsearch 端点配置信息 |
+| endpoint.uri | 必选 | | Elasticsearch API |
+| endpoint.index | 必选 | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | 可选 | Elasticsearch 默认值 | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | 可选 | true | 当设置为 `true` 则允许 SSL 验证,参考 [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake) |
+| endpoint.timeout | 可选 | 10 | 发送给 Elasticsearch 请求超时时间 |
+
+本插件支持使用批处理器来聚合并批量处理条目(日志/数据)。这样可以避免插件频繁地提交数据,默认设置情况下批处理器会每 `5` 秒钟或队列中的数据达到 `1000` 条时提交数据,如需了解或自定义批处理器相关参数设置,请参考 [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md#配置) 配置部分。
+
+## 如何开启
+
+下面例子展示了如何为指定路由开启 `elasticsearch-logging` 插件。
+
+### 完整配置
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
Review Comment:
```suggestion
curl http://127.0.0.1:9080/apisix/admin/routes/1 \
-H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
```
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
+
+有关 `Apache APISIX` 的 `Batch-Processor` 的更多信息,请参考: [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md)
+
+## 属性
+
+| 名称 | 是否必需 | 默认值 | 描述 |
+| ------------------- | -------- | -------------------- | ------------------------------------------------------------ |
+| endpoint | 必选 | | Elasticsearch 端点配置信息 |
+| endpoint.uri | 必选 | | Elasticsearch API |
+| endpoint.index | 必选 | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | 可选 | Elasticsearch 默认值 | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | 可选 | true | 当设置为 `true` 则允许 SSL 验证,参考 [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake) |
+| endpoint.timeout | 可选 | 10 | 发送给 Elasticsearch 请求超时时间 |
+
+本插件支持使用批处理器来聚合并批量处理条目(日志/数据)。这样可以避免插件频繁地提交数据,默认设置情况下批处理器会每 `5` 秒钟或队列中的数据达到 `1000` 条时提交数据,如需了解或自定义批处理器相关参数设置,请参考 [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md#配置) 配置部分。
+
+## 如何开启
+
+下面例子展示了如何为指定路由开启 `elasticsearch-logging` 插件。
+
+### 完整配置
Review Comment:
```suggestion
### 完整配置示例
```
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
+
+有关 `Apache APISIX` 的 `Batch-Processor` 的更多信息,请参考: [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md)
+
+## 属性
+
+| 名称 | 是否必需 | 默认值 | 描述 |
+| ------------------- | -------- | -------------------- | ------------------------------------------------------------ |
+| endpoint | 必选 | | Elasticsearch 端点配置信息 |
+| endpoint.uri | 必选 | | Elasticsearch API |
+| endpoint.index | 必选 | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | 可选 | Elasticsearch 默认值 | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | 可选 | true | 当设置为 `true` 则允许 SSL 验证,参考 [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake) |
+| endpoint.timeout | 可选 | 10 | 发送给 Elasticsearch 请求超时时间 |
+
+本插件支持使用批处理器来聚合并批量处理条目(日志/数据)。这样可以避免插件频繁地提交数据,默认设置情况下批处理器会每 `5` 秒钟或队列中的数据达到 `1000` 条时提交数据,如需了解或自定义批处理器相关参数设置,请参考 [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md#配置) 配置部分。
+
+## 如何开启
+
+下面例子展示了如何为指定路由开启 `elasticsearch-logging` 插件。
+
+### 完整配置
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services",
+ "type": "collector",
+ "timeout": 60,
+ "username": "elastic",
+ "password": "123456",
+ "ssl_verify": false
+ },
+ "buffer_duration":60,
+ "max_retry_count":0,
+ "retry_delay":1,
+ "inactive_timeout":2,
+ "batch_max_size":10
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+### 最小化配置
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services"
+ }
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+## 测试插件
+
+- 向配置 `elasticsearch-logging` 插件的路由发送请求
+
+```shell
+$ curl -i http://127.0.0.1:9080/elasticsearch.do?q=hello
Review Comment:
```suggestion
curl -i http://127.0.0.1:9080/elasticsearch.do?q=hello
```
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
+
+有关 `Apache APISIX` 的 `Batch-Processor` 的更多信息,请参考: [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md)
+
+## 属性
+
+| 名称 | 是否必需 | 默认值 | 描述 |
+| ------------------- | -------- | -------------------- | ------------------------------------------------------------ |
+| endpoint | 必选 | | Elasticsearch 端点配置信息 |
+| endpoint.uri | 必选 | | Elasticsearch API |
+| endpoint.index | 必选 | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | 可选 | Elasticsearch 默认值 | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | 可选 | true | 当设置为 `true` 则允许 SSL 验证,参考 [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake) |
+| endpoint.timeout | 可选 | 10 | 发送给 Elasticsearch 请求超时时间 |
+
+本插件支持使用批处理器来聚合并批量处理条目(日志/数据)。这样可以避免插件频繁地提交数据,默认设置情况下批处理器会每 `5` 秒钟或队列中的数据达到 `1000` 条时提交数据,如需了解或自定义批处理器相关参数设置,请参考 [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md#配置) 配置部分。
+
+## 如何开启
+
+下面例子展示了如何为指定路由开启 `elasticsearch-logging` 插件。
+
+### 完整配置
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services",
+ "type": "collector",
+ "timeout": 60,
+ "username": "elastic",
+ "password": "123456",
+ "ssl_verify": false
+ },
+ "buffer_duration":60,
+ "max_retry_count":0,
+ "retry_delay":1,
+ "inactive_timeout":2,
+ "batch_max_size":10
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+### 最小化配置
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
Review Comment:
```suggestion
curl http://127.0.0.1:9080/apisix/admin/routes/1 \
-H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
```
##########
docs/en/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,143 @@
+---
+title: elasticsearch-logging
+keywords:
+ - APISIX
+ - Plugin
+ - Elasticsearch-logging
+description: This document contains information about the Apache APISIX elasticsearch-logging Plugin.
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## Description
+
+The `elasticsearch-logging` Plugin is used to forward logs to [Elasticsearch](https://www.elastic.co/guide/en/welcome-to-elastic/current/getting-started-general-purpose.html) for analysis and storage.
+
+When the Plugin is enabled, APISIX will serialize the request context information to [Elasticsearch Bulk format](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) and submit it to the batch queue. When the maximum batch size is exceeded, the data in the queue is pushed to Elasticsearch. See [batch processor](../batch-processor.md) for more details.
+
+## Attributes
+
+| Name | Required | Default | Description |
+| ------------------- | -------- | --------------------------- | ------------------------------------------------------------ |
+| endpoint | True | | Elasticsearch endpoint configurations. |
+| endpoint.uri | True | | Elasticsearch API endpoint. |
+| endpoint.index | True | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | False | Elasticsearch default value | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | False | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | False | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | False | true | When set to `true` enables SSL verification as per [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake). |
+| endpoint.timeout | False | 10 | Elasticsearch send data timeout in seconds. |
+
+This Plugin supports using batch processors to aggregate and process entries (logs/data) in a batch. This avoids the need for frequently submitting the data. The batch processor submits data every `5` seconds or when the data in the queue reaches `1000`. See [Batch Processor](../batch-processor.md#configuration) for more information or setting your custom configuration.
+
+## Enabling the Plugin
+
+### Full configuration
+
+The example below shows a complete configuration of the Plugin on a specific Route:
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services",
+ "type": "collector",
+ "timeout": 60,
+ "username": "elastic",
+ "password": "123456",
+ "ssl_verify": false
+ },
+ "buffer_duration":60,
+ "max_retry_count":0,
+ "retry_delay":1,
+ "inactive_timeout":2,
+ "batch_max_size":10
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+### Minimal configuration
+
+The example below shows a bare minimum configuration of the Plugin on a Route:
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services"
+ }
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+## Example usage
+
+Once you have configured the Route to use the Plugin, when you make a request to APISIX, it will be logged in your Elasticsearch server:
+
+```shell
+$ curl -i http://127.0.0.1:9080/elasticsearch.do?q=hello
Review Comment:
```suggestion
curl -i http://127.0.0.1:9080/elasticsearch.do?q=hello
```
##########
docs/en/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,143 @@
+---
+title: elasticsearch-logging
+keywords:
+ - APISIX
+ - Plugin
+ - Elasticsearch-logging
+description: This document contains information about the Apache APISIX elasticsearch-logging Plugin.
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## Description
+
+The `elasticsearch-logging` Plugin is used to forward logs to [Elasticsearch](https://www.elastic.co/guide/en/welcome-to-elastic/current/getting-started-general-purpose.html) for analysis and storage.
+
+When the Plugin is enabled, APISIX will serialize the request context information to [Elasticsearch Bulk format](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) and submit it to the batch queue. When the maximum batch size is exceeded, the data in the queue is pushed to Elasticsearch. See [batch processor](../batch-processor.md) for more details.
+
+## Attributes
+
+| Name | Required | Default | Description |
+| ------------------- | -------- | --------------------------- | ------------------------------------------------------------ |
+| endpoint | True | | Elasticsearch endpoint configurations. |
+| endpoint.uri | True | | Elasticsearch API endpoint. |
+| endpoint.index | True | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | False | Elasticsearch default value | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | False | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | False | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | False | true | When set to `true` enables SSL verification as per [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake). |
+| endpoint.timeout | False | 10 | Elasticsearch send data timeout in seconds. |
+
+This Plugin supports using batch processors to aggregate and process entries (logs/data) in a batch. This avoids the need for frequently submitting the data. The batch processor submits data every `5` seconds or when the data in the queue reaches `1000`. See [Batch Processor](../batch-processor.md#configuration) for more information or setting your custom configuration.
+
+## Enabling the Plugin
+
+### Full configuration
+
+The example below shows a complete configuration of the Plugin on a specific Route:
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services",
+ "type": "collector",
+ "timeout": 60,
+ "username": "elastic",
+ "password": "123456",
+ "ssl_verify": false
+ },
+ "buffer_duration":60,
+ "max_retry_count":0,
+ "retry_delay":1,
+ "inactive_timeout":2,
+ "batch_max_size":10
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+### Minimal configuration
+
+The example below shows a bare minimum configuration of the Plugin on a Route:
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
Review Comment:
```suggestion
curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
```
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
+
+有关 `Apache APISIX` 的 `Batch-Processor` 的更多信息,请参考: [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md)
+
+## 属性
+
+| 名称 | 是否必需 | 默认值 | 描述 |
+| ------------------- | -------- | -------------------- | ------------------------------------------------------------ |
+| endpoint | 必选 | | Elasticsearch 端点配置信息 |
+| endpoint.uri | 必选 | | Elasticsearch API |
+| endpoint.index | 必选 | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | 可选 | Elasticsearch 默认值 | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | 可选 | true | 当设置为 `true` 则允许 SSL 验证,参考 [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake) |
+| endpoint.timeout | 可选 | 10 | 发送给 Elasticsearch 请求超时时间 |
+
+本插件支持使用批处理器来聚合并批量处理条目(日志/数据)。这样可以避免插件频繁地提交数据,默认设置情况下批处理器会每 `5` 秒钟或队列中的数据达到 `1000` 条时提交数据,如需了解或自定义批处理器相关参数设置,请参考 [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md#配置) 配置部分。
+
+## 如何开启
+
+下面例子展示了如何为指定路由开启 `elasticsearch-logging` 插件。
+
+### 完整配置
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services",
+ "type": "collector",
+ "timeout": 60,
+ "username": "elastic",
+ "password": "123456",
+ "ssl_verify": false
+ },
+ "buffer_duration":60,
+ "max_retry_count":0,
+ "retry_delay":1,
+ "inactive_timeout":2,
+ "batch_max_size":10
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+### 最小化配置
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services"
+ }
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+## 测试插件
+
+- 向配置 `elasticsearch-logging` 插件的路由发送请求
+
+```shell
+$ curl -i http://127.0.0.1:9080/elasticsearch.do?q=hello
+HTTP/1.1 200 OK
+...
+hello, world
+```
+
+- 登录 Kibana 控制台检索查看日志
Review Comment:
```suggestion
现在,你可以登录 Kibana 控制台检索查看相关日志。
```
##########
docs/en/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,143 @@
+---
+title: elasticsearch-logging
+keywords:
+ - APISIX
+ - Plugin
Review Comment:
```suggestion
- API Gateway
- Plugin
```
##########
docs/zh/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,136 @@
+---
+title: elasticsearch-logging
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## 描述
+
+`elasticsearch-logging` 插件用于将 `Apache APISIX` 的请求日志转发到 `Elasticsearch` 中进行分析和存储,启用该插件后 `Apache APISIX` 将在 `Log Phase` 获取请求上下文信息并序列化为 [Bulk 格式](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) 后提交到批处理队列中,当触发批处理队列每批次最大处理容量或刷新缓冲区的最大时间时会将队列中的数据提交到 `Elaticsearch` 中。
+
+有关 `Apache APISIX` 的 `Batch-Processor` 的更多信息,请参考: [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md)
+
+## 属性
+
+| 名称 | 是否必需 | 默认值 | 描述 |
+| ------------------- | -------- | -------------------- | ------------------------------------------------------------ |
+| endpoint | 必选 | | Elasticsearch 端点配置信息 |
+| endpoint.uri | 必选 | | Elasticsearch API |
+| endpoint.index | 必选 | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | 可选 | Elasticsearch 默认值 | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | 可选 | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | 可选 | true | 当设置为 `true` 则允许 SSL 验证,参考 [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake) |
+| endpoint.timeout | 可选 | 10 | 发送给 Elasticsearch 请求超时时间 |
+
+本插件支持使用批处理器来聚合并批量处理条目(日志/数据)。这样可以避免插件频繁地提交数据,默认设置情况下批处理器会每 `5` 秒钟或队列中的数据达到 `1000` 条时提交数据,如需了解或自定义批处理器相关参数设置,请参考 [Batch-Processor](https://file+.vscode-resource.vscode-cdn.net/y%3A/apisix/docs/zh/latest/batch-processor.md#配置) 配置部分。
+
+## 如何开启
+
+下面例子展示了如何为指定路由开启 `elasticsearch-logging` 插件。
+
+### 完整配置
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services",
+ "type": "collector",
+ "timeout": 60,
+ "username": "elastic",
+ "password": "123456",
+ "ssl_verify": false
+ },
+ "buffer_duration":60,
+ "max_retry_count":0,
+ "retry_delay":1,
+ "inactive_timeout":2,
+ "batch_max_size":10
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+### 最小化配置
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services"
+ }
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+## 测试插件
+
+- 向配置 `elasticsearch-logging` 插件的路由发送请求
+
+```shell
+$ curl -i http://127.0.0.1:9080/elasticsearch.do?q=hello
+HTTP/1.1 200 OK
+...
+hello, world
+```
+
+- 登录 Kibana 控制台检索查看日志
+
+
+
+## 禁用插件
+
+禁用 `elasticsearch-logging` 插件非常简单,只需将 `elasticsearch-logging` 对应的 `JSON` 配置移除即可。
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
Review Comment:
```suggestion
curl http://127.0.0.1:9080/apisix/admin/routes/1 \
-H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
```
##########
docs/en/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,143 @@
+---
+title: elasticsearch-logging
+keywords:
+ - APISIX
+ - Plugin
+ - Elasticsearch-logging
+description: This document contains information about the Apache APISIX elasticsearch-logging Plugin.
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## Description
+
+The `elasticsearch-logging` Plugin is used to forward logs to [Elasticsearch](https://www.elastic.co/guide/en/welcome-to-elastic/current/getting-started-general-purpose.html) for analysis and storage.
+
+When the Plugin is enabled, APISIX will serialize the request context information to [Elasticsearch Bulk format](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) and submit it to the batch queue. When the maximum batch size is exceeded, the data in the queue is pushed to Elasticsearch. See [batch processor](../batch-processor.md) for more details.
+
+## Attributes
+
+| Name | Required | Default | Description |
+| ------------------- | -------- | --------------------------- | ------------------------------------------------------------ |
+| endpoint | True | | Elasticsearch endpoint configurations. |
+| endpoint.uri | True | | Elasticsearch API endpoint. |
+| endpoint.index | True | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | False | Elasticsearch default value | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | False | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | False | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | False | true | When set to `true` enables SSL verification as per [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake). |
+| endpoint.timeout | False | 10 | Elasticsearch send data timeout in seconds. |
+
+This Plugin supports using batch processors to aggregate and process entries (logs/data) in a batch. This avoids the need for frequently submitting the data. The batch processor submits data every `5` seconds or when the data in the queue reaches `1000`. See [Batch Processor](../batch-processor.md#configuration) for more information or setting your custom configuration.
+
+## Enabling the Plugin
+
+### Full configuration
+
+The example below shows a complete configuration of the Plugin on a specific Route:
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services",
+ "type": "collector",
+ "timeout": 60,
+ "username": "elastic",
+ "password": "123456",
+ "ssl_verify": false
+ },
+ "buffer_duration":60,
+ "max_retry_count":0,
+ "retry_delay":1,
+ "inactive_timeout":2,
+ "batch_max_size":10
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+### Minimal configuration
+
+The example below shows a bare minimum configuration of the Plugin on a Route:
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "plugins":{
+ "splunk-hec-logging":{
+ "endpoint":{
+ "uri": "http://127.0.0.1:9200",
+ "index": "services"
+ }
+ }
+ },
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "127.0.0.1:1980":1
+ }
+ },
+ "uri":"/elasticsearch.do"
+}'
+```
+
+## Example usage
+
+Once you have configured the Route to use the Plugin, when you make a request to APISIX, it will be logged in your Elasticsearch server:
+
+```shell
+$ curl -i http://127.0.0.1:9080/elasticsearch.do?q=hello
+HTTP/1.1 200 OK
+...
+hello, world
+```
+
+You should be able to login and search these logs from your Kibana discover:
+
+
+
+## Disable Plugin
+
+To disable the `elasticsearch-logging` Plugin, you can delete the corresponding JSON configuration from the Plugin configuration. APISIX will automatically reload and you do not have to restart for this to take effect.
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
Review Comment:
```suggestion
curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
```
##########
docs/en/latest/plugins/elasticsearch-logging.md:
##########
@@ -0,0 +1,143 @@
+---
+title: elasticsearch-logging
+keywords:
+ - APISIX
+ - Plugin
+ - Elasticsearch-logging
+description: This document contains information about the Apache APISIX elasticsearch-logging Plugin.
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## Description
+
+The `elasticsearch-logging` Plugin is used to forward logs to [Elasticsearch](https://www.elastic.co/guide/en/welcome-to-elastic/current/getting-started-general-purpose.html) for analysis and storage.
+
+When the Plugin is enabled, APISIX will serialize the request context information to [Elasticsearch Bulk format](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-bulk.html#docs-bulk) and submit it to the batch queue. When the maximum batch size is exceeded, the data in the queue is pushed to Elasticsearch. See [batch processor](../batch-processor.md) for more details.
+
+## Attributes
+
+| Name | Required | Default | Description |
+| ------------------- | -------- | --------------------------- | ------------------------------------------------------------ |
+| endpoint | True | | Elasticsearch endpoint configurations. |
+| endpoint.uri | True | | Elasticsearch API endpoint. |
+| endpoint.index | True | | Elasticsearch [_index field](https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-index-field.html#mapping-index-field) |
+| endpoint.type | False | Elasticsearch default value | Elasticsearch [_type field](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/mapping-type-field.html#mapping-type-field) |
+| endpoint.username | False | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) username |
+| endpoint.password | False | | Elasticsearch [authentication](https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-up-authentication.html) password |
+| endpoint.ssl_verify | False | true | When set to `true` enables SSL verification as per [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake). |
+| endpoint.timeout | False | 10 | Elasticsearch send data timeout in seconds. |
+
+This Plugin supports using batch processors to aggregate and process entries (logs/data) in a batch. This avoids the need for frequently submitting the data. The batch processor submits data every `5` seconds or when the data in the queue reaches `1000`. See [Batch Processor](../batch-processor.md#configuration) for more information or setting your custom configuration.
+
+## Enabling the Plugin
+
+### Full configuration
+
+The example below shows a complete configuration of the Plugin on a specific Route:
+
+```shell
+$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
Review Comment:
```suggestion
curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org