Logstash elastic search filter plugin

(Gomathi Meena) #1

Hi, I'm quite new to the ELK stack. What is the purpose of options like aggregation_fields, sort and enable_sort in the elasticsearch filter plugin? How do they work? I have even tried the following configuration, but it doesn't work for me.
Here is the configuration for the filter plugin:
aggregation_fields:

    filter {
      elasticsearch {
        hosts => ["localhost"]
        index => "test1"
        query => "priority:M"
        result_size => 8
        aggregation_fields => {
          "country" => "test"
        }
      }
    }

sort: sort works only for the timestamp field. Why?

    filter {
      elasticsearch {
        hosts => ["localhost"]
        index => "test1"
        query => "priority:M"
        result_size => 8
        sort => "country:desc"
      }
    }

Thanks in advance.

(nandha) #2

Hi,

Aggregation => works to add two or more values
Sort => To sort the value based on time, minimum value, maximum value.

Share your setup and what your purpose or plan is with the ELK stack.
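
An added example, not posted by either participant in this thread: one way `aggregation_fields` can be wired up in the elasticsearch filter, where the aggregation is requested through a `query_template` file and its result is copied into an event field. The template path and the `country.keyword` sub-field are assumptions; the host, index, query and field names are taken from the question.

```logstash
# Contents of the query template file (hypothetical path, referenced below),
# written in Elasticsearch query DSL. The terms aggregation is named "country".
#
# {
#   "size": 0,
#   "query": { "query_string": { "query": "priority:M" } },
#   "aggs": {
#     "country": { "terms": { "field": "country.keyword" } }
#   }
# }
#
# "country.keyword" assumes the default dynamic mapping, which adds a keyword
# sub-field to text fields; adjust it to the real mapping of the index.

filter {
  elasticsearch {
    hosts => ["localhost"]
    index => "test1"

    # The `query` option is a plain query string and carries no aggregation
    # request, so the aggregation has to come from a DSL template file.
    query_template => "/etc/logstash/templates/country_agg.json"

    # "<aggregation name in the response>" => "<event field to copy it into>"
    # Here the "country" aggregation result is stored in the event field "test".
    aggregation_fields => {
      "country" => "test"
    }
  }
}
```

When `query_template` is used, result size and ordering are set inside the template body rather than through `result_size` and `sort`.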

(system) closed #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.