You're getting a _grokparsefailure tag but the grok filter appears to be successful since the fields have been extracted. I suspect it's the second grok filter that's causing this. Use a mutate filter for unconditionally removing fields.
You're getting a _grokparsefailure tag but the grok filter appears to be successful since the fields have been extracted. I suspect it's the second grok filter that's causing this. Use a mutate filter for unconditionally removing fields.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.