ElasticsearchError error=“400 - Rejected by Elasticsearch

I am using EFK stack in my GKE cluster and recently i observed below errors in my fluentd logs. This has started after adding new data point for geopoint in the fluentd. can somebody please help on this?

2020-09-03 16:51:10 +0000 [warn]: dump an error event: error_class=Fluent::Plugin::ElasticsearchErrorHandler::ElasticsearchError error="400 - Rejected by Elasticsearch" location=nil tag="kubernetes.var.log.containers.nginx-ingress-controller-6cf5b5865b-42tk7_default_nginx-ingress-controller-86366553c82ed2b467adb8ce32302bdf1560b2083d2224aa51097f778acea172.log" time=2020-09-03 16:50:55.689944289 +0000 record

http_geohash is the new datapoint added in the fluentd config map.

fluent_elastic_mapping.template: |-
"template": "fluentd-*",
"mappings": {
"default": {
"properties" : {
"geoip_location": { "type": "geo_point" },
"http_geohash": { "type": "geo_point" }

What does the data look like?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.