Hi All ,
5 node elasticsearch is running(6.5.1) . TLS is enabled in ES.
File beat(6.4) sending json logs to Logstash(6.5.1) . Logstash is indexing ( default mapping) to ES.
in elasicsearch some fileds are showing unknown . See through kibana. These fileds are generated by beat and logstash . Not in the log file.
Sample:
? beat {
"hostname": "xyz",
"version": "6.4.2",
"name": "xyz"
}
? host {
"name": "xyz"
}
? index {
"_index": "server-metrics",
"_id": "46429",
"_type": "metric"
}
? input {
"type": "log"
}
? beat = unknown
? host = unknown
? index = unknown
? input = unknown