Logmessage map to tags or fields

jayaram · December 3, 2015, 8:42am

Continuing the discussion from Any Help Un-structure log message to map structure message in Logstash:

magnusbaeck · December 3, 2015, 8:47am

This is a Logstash question so I'm not sure why you want to continue the discussion in the Elasticsearch group.

jayaram · December 3, 2015, 9:25am

i thought it stored in elasticsearrch so same mapping need in elasticsearch

magnusbaeck · December 3, 2015, 9:29am

Yes, Logstash can store data in Elasticsearch. If you use the grok filter as described in the other thread you'll get your log entries stored in Elasticsearch with separate fields for the timestamp, log level, class name, and so on. No further action is necessary on the Elasticsearch side.