Hi, first time on this forum, sorry if this is a duplicate. I'm running into some weird hardware-specific issues running LogStash that's causing the aggregate plugin to not apply on certain events. However, all of the data piecemeal would be uploaded to Elasticsearch, because I'm grouping events w/ aggregate using a unique ID, and all of the different events (regardless if aggregate ran or not) would contain this unique ID. Is there a feature in Elasticsearch similar to the Logstash aggregate filter, where I can smush different uploaded items together based on if one of their fields is the same value or not?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.