Elasticsearch automatic reindex

bianca6 · March 4, 2022, 1:51pm

Hello,

I am using a pipeline with Filebeat / Logstash / Elasticsearch / Kibana version 8 to deal with logs.

One of the field is a nano second timestamp.
Long story, I can't send it as a 'date_nanos', so, what I'm doing instead is I send it as a string, and then, Elasticsearch know how to use it as a 'date'.

After that, I create a new index (copy paste the mapping), I change from 'date' to 'date_nanos' and I reindex what Logstash sent.

This is a really boring manual task incompatible with production, but this is all I can read "just reindex, just reindex, just reindex...".

So, how can I automate this? Is there a way from logstash to choose a mapping from Elasticsearch? Or maybe Elasticsearch can reindex automaticaly?

Thanks for your time and answers.

Christian_Dahlqvist · March 5, 2022, 4:34am

Why don't you specify an index template with the mapping so it applies for all new indices?

warkolm · March 6, 2022, 10:25pm

Yep, look at Index templates | Elasticsearch Guide [8.0] | Elastic

bianca6 · March 7, 2022, 8:25am

I was not aware of this, well, it seems to suit perfectly, thanks for the information!

system · April 4, 2022, 8:26am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Timestamp want to store in index as date datatype Elasticsearch	7	849	January 4, 2019
Logstash Logstash migration , reindex	3	578	May 6, 2021
Logstash output date, using timestamp of filebeat instead of server time Logstash elastic-stack-monitoring	13	279	June 7, 2024
Filebeat new timestamp field Beats filebeat	3	2601	May 29, 2018
Reindexing Logstash indices to use new index template Elasticsearch	4	2427	August 10, 2020

Elasticsearch automatic reindex

Related Topics