Hi folks,
I've just recently started to work with ElasticSearch and Kibana. My development team have stood-up our own EK stack (ElasticSearch w/Kibana - no Logstash). Everything has been going reasonably smooth so far but in the past few months I've noticed when teams are logging large JSON payloads, the dynamic mapping is adding a considerable amount of new field mappings to our indexes.
I've managed to alleviate most of this by disabling dynamic mapping where possible. However, I'd like to create some form of alerting that would warn my team when indexes are nearing their existing field mapping limits. Is there anything that can be done via Kibana or ES directly that would enable this? I was attempting to create a scheduled extraction query to do this but have been unsuccessful so far.
Any guidance with this would be much appreciated.
Thanks,
Andrew