Logstash elasticsearch filter plugin - set index

Julia_Murinova · December 18, 2015, 3:02pm

Hi,

I am trying to use elasticsearch filter plugin in logstash to query previous messages for the same session.
Code:
elasticsearch {
hosts => ["localhost"]
query => "tags:Connection_new AND session_id:%{[session_id]}"
fields => ["logdate", "started"]
}
if ![started] {
mutate {
add_tag => "Connection_new"
}
}

However this query returns error for .kibana index [No mapping found for [@timestamp] in order to sort on].
Is it possible to set index for query to search on using this plugin?

Thank you very much for any help.

Hornov · December 29, 2015, 9:34am

I've the same problem. Before version 2.0 you could add the index in the host but today it is no longer possible. I found this page: Specify index when using elasticsearch logstash filter but I haven't tried to patch the plugin.

Topic		Replies	Views
While using elastic search as the input, not able to fetch data using the same index in elastic seach plugin for filter Logstash	3	293	December 27, 2018
Logstash-filter-elasticsearch plugin - specify index to search Logstash	2	471	July 6, 2017
Elastic filter plugin is not working Logstash	2	835	January 7, 2018
Using Elasticsearch filter plugin to add information to a index Logstash	2	339	July 6, 2018
Specify index when using elasticsearch logstash filter Logstash	6	2032	January 19, 2018

Logstash elasticsearch filter plugin - set index

Related topics