Logstash elastic search filter plugin

Hi, I'm quite new to the ELK stack. What is the purpose of options like aggregation_fields, sort and enable_sort in the elasticsearch filter plugin? How do they work? I have even tried the following configuration, but it doesn't work for me.
Here is the configuration for the filter plugin:
aggregation_fields:
filter {
  elasticsearch {
    hosts => ["localhost"]
    index => "test1"
    query => "priority:M"
    result_size => 8
    aggregation_fields => {
      "country" => "test"
    }
  }
}
sort: sort works only for the timestamp field. Why?
filter {
  elasticsearch {
    hosts => ["localhost"]
    index => "test1"
    query => "priority:M"
    result_size => 8
    sort => "country:desc"
  }
}
Thanks in advance.

Hi,

Aggregation => works to add two or more values
Sort => to sort the values based on time, minimum value, maximum value.

Share your setup and what the purpose or your plan is for the ELK stack.
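
An added illustration of the three options asked about above; it is not part of either post and not the plugin project's own example. It assumes a hypothetical template path, a hypothetical target field `matched_country`, and that `country` was dynamically mapped as text with a `country.keyword` subfield, since Elasticsearch by default refuses to sort or aggregate on an analyzed text field, whereas the date-typed `@timestamp` sorts without extra mapping.

```logstash
# Variant 1: aggregation_fields.
# aggregation_fields only copies an aggregation that is already present in the
# search response into an event field. A Lucene query string (the `query`
# option) cannot define an aggregation, so the request body has to come from
# `query_template`.
#
# Contents of /etc/logstash/templates/priority_by_country.json (hypothetical file):
# {
#   "size": 0,
#   "query": { "query_string": { "query": "priority:M" } },
#   "aggs": {
#     "country": { "terms": { "field": "country.keyword", "size": 8 } }
#   }
# }
filter {
  elasticsearch {
    hosts          => ["localhost"]
    index          => "test1"
    query_template => "/etc/logstash/templates/priority_by_country.json"
    # "country" is the aggregation name in the template,
    # "test" is the Logstash event field that receives its result.
    aggregation_fields => {
      "country" => "test"
    }
  }
}

# Variant 2: sort and enable_sort (use instead of variant 1, not together).
# sort takes comma-delimited "<field>:<direction>" pairs and defaults to
# "@timestamp:desc"; enable_sort (default true) switches sorting on or off.
# The sort field must be sortable, hence the keyword subfield (assumed mapping).
filter {
  elasticsearch {
    hosts       => ["localhost"]
    index       => "test1"
    query       => "priority:M"
    result_size => 8
    enable_sort => true
    sort        => "country.keyword:desc"
    # Copy a field from the matched document(s) into the current event.
    fields      => { "country" => "matched_country" }
  }
}
```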
