Hi Hung_M_Le,
Have you considered using grok again on your newly generated fields ? You could also split by "/", rename fields you want to keep and drop the others but I don't see why you would do this if grok is usable.
Regards,
S0ul
Hi Hung_M_Le,
Have you considered using grok again on your newly generated fields ? You could also split by "/", rename fields you want to keep and drop the others but I don't see why you would do this if grok is usable.
Regards,
S0ul
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.