@dadoonet @magnusbaeck
Magnus Bäck
My Elasticsearch is dying with this groke pattern and the following is the error from es.
Please let me know whether these groke patterns can be optimized for optimal performance of logtstash
Es error:
Object mapping for [configurationItems.configuration.state] tried to parse field [state] as object, but found a concrete value
and please find groke pattern over here:
Please do not ping people not already involved in the issue. This forum is manned by volunteers, so please be patient and wait for someone to respond.
This has nothing to do with grok, but rather the structure of your document. Elasticsearch requires that every field has a single mapping, and you have a field name state that in different parts of the document contains a concrete value and in others an object. This is not allowed, so you need to change the structure.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.