Hi all,
I currently use elastic to store log file.
Can some one tell me how to write the watcher to have the output to an index,
I want whenever there is a something that matche my query then watcher will output the whole event(data) to an index
For example: if there is some user log in with error credentials then watcher will output the whole logfile to an index
Please help me
Thank you
You can use the index action for that.
Yes thank you but can you tell me more, because i have tried to use the index action and it only index the number of result for me and the the actual data itself
sharing your watch would be a tremendous help, as then there is a base to discuss and change the action.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.