Hi there,
i'm rather new to elasticsearch, i already have read the first-step user guide for elasticsearch but i'm still confused.
I have set up winlogbeat to send all PrinterOperational Logs to my elasticsearch server which works fine.
Now Elasticsearch has created out of nowhere some new fields out of that eventlog message:
This is good, so i dont have to manually extract those this data, but it created all fields as type "string" and i would need "user_data.Param8" as Numeric so i can use it in visualization.
I have tried it with a scripted field, but then i get some error messages in the elasticsearch log (https://gist.github.com/empfangsfehler/ef661c9f6a0a683c9743c4116e5db66c) when i try to use this field in a Metric Visualization.
Regards, -e