I am using EFK stack in my GKE cluster and recently i observed below errors in my fluentd logs. This has started after adding new data point for geopoint in the fluentd. can somebody please help on this?
2020-09-03 16:51:10 +0000 [warn]: dump an error event: error_class=Fluent::Plugin::ElasticsearchErrorHandler::ElasticsearchError error="400 - Rejected by Elasticsearch" location=nil tag="kubernetes.var.log.containers.nginx-ingress-controller-6cf5b5865b-42tk7_default_nginx-ingress-controller-86366553c82ed2b467adb8ce32302bdf1560b2083d2224aa51097f778acea172.log" time=2020-09-03 16:50:55.689944289 +0000 record
http_geohash is the new datapoint added in the fluentd config map.
fluent_elastic_mapping.template: |-
{
"template": "fluentd-*",
"mappings": {
"default": {
"properties" : {
"geoip_location": { "type": "geo_point" },
"http_geohash": { "type": "geo_point" }
}
}
}
}