I'm not clear how I can upload data to Elasticsearch with the proper type 'login'
I mean, I have a file in which there is a part in a date which has a syslog message, I:% to identify the string to date, to use the GROK in the logstash And the other parts of the message, then I send the output to elasticsearch {}: Appeared in the Elsaticsearch on DATE as STRING Quality is not as DATE. I would like that this data be properly qualified with the correct type in the Elsaticsearch
Thank you in advance
The typical thing to do with a date from your logfile is that @timestamp To replace with that value. First of all, feed it on the filter using filter {}, and then feed it on the {} filter.
If you need to create a second date field in your event, then in the date {} filter to give you the "target" results in the area of your choice.
No comments:
Post a Comment