Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>6}

shruti51 · May 30, 2019, 6:45am

Hi,

I am trying to parse my logs via filebeat but getting the error:
Detected a 6.x and above cluster: the type event field won't be used to determine the document _type {:es_version=>6}.

Please suggest how to resolve this.

Filebeat configuration is :
> - type: log
>
> # Change to true to enable this input configuration.
> enabled: true
>
> # Paths that should be crawled and fetched. Glob based paths.
> paths:
> - /ABC/RT_XYZ/.log
> - /ABC/ghi/.log
> fields: {log_type: GA-SAG}

logstash is:

input {
beats {
port => 5044
}
}

filter {
if [fields][log_type] == "GA-SAG" {
body
}

output {
if [fields][log_type] == "GA-SAG" {
elasticsearch {
hosts => ["name"]
manage_template => false
user => logstash_admin_user
password => vgh
index => "sat-%{+YYYY.MM.dd}"
}
stdout {
codec => rubydebug
}
}

Badger · May 30, 2019, 9:44am

AFAIR this is not an error, it is an informational message.

shruti51 · June 12, 2019, 10:33am

Yes Badger.I figured it our later.

Thanks for the reply.

system · July 10, 2019, 10:47am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.