Hello Everyone,
I need some help, I am using a datastream for storing data from a firewall. I wanted to see which fields were created as part of the data ingested from my Logstash input. So I can then create a component template which defines the correct field types.
Is someone able to guide me on how I can view the fields in the datastream called logs-vendor-firewall, which has a hidden index of .ds-logs-vendor-firewall-2024.03.24-000001.
Many thanks in advance.
Either the field caps api (GET logs-vendor-firewall/_field_caps?field=*) or field mapping api (GET logs-vendor-firewall/_mapping/field/*)should be able to help you here.
Hey Martijn,
Many thanks for this. The second API call has worked for me.
GET logs-vendor-firewall/_mapping/field/*
Now I can use this to create a component template for this particular firewall device.
Thanks again.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.