Hello. I need help: I can't understand why my doc versions are staying un-upgraded in Elastic (version 1 and that's all). I have ELK on one node, which accepts network logs through Logstash and keeps them. In the Logstash filters I have fingerprint, and on the output to Elasticsearch I have document_id, which focuses on the fingerprint field. In Kibana I see that the doc versions are staying at "version 1", but on the Kibana Logs page, in the live stream, I can see that when it accepts the same log it just updates the timestamp. I need to know how many of the same logs came in and to use the benefits of fingerprint.