hi , if any one know if i can and how to receive for the first time a log in logstash filter it then save it in ES , next step is to receive another type of logs filter it then add its fields to the first one saved in ES using an ID or sthing thanks a lot !!

Enrich-existing-elasticsearch-index-with-new-fields-from-logstash

Mark_Harwood (Mark Harwood) January 25, 2017, 10:18am 2

You can use the update API [1]
This talk [2] gives examples on using scroll and update APIs to efficiently update positions as new log records arrive.

[1] https://www.elastic.co/guide/en/elasticsearch/reference/5.1/docs-update.html
[2] https://www.youtube.com/watch?v=yBf7oeJKH2Y

Topic		Replies	Views
Enrich existing elasticsearch index with new fields from logstash Logstash	2	752	January 29, 2017
Combining log lines Elasticsearch	2	375	July 6, 2017
Update document in elasticsearch Elasticsearch	4	529	November 1, 2018
Updating data in elasticsearch with logstash Logstash	2	582	August 21, 2018
Can I use Logstash to add new fields to a document that's already in Elasticsearch? Logstash	3	3413	July 6, 2017

Enrich-existing-elasticsearch-index-with-new-fields-from-logstash

Related topics