Your grok expression expects four fields but your input only provides three.
Also, while unrelated to your problem, you're extracting the timestamp to the somestamp field, but that's not the field you're feeding the date filter with.