You will first need to parse out the logdate field, which it looks like is not done correctly. You'll need to use the grok filter to parse your message first.
You will first need to parse out the logdate field, which it looks like is not done correctly. You'll need to use the grok filter to parse your message first.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.