Logstash elasticsearch filter plugin - set index


(Júlia Murínová) #1

Hi,

I am trying to use the elasticsearch filter plugin in Logstash to query previous messages for the same session.
Code:
elasticsearch {
  hosts => ["localhost"]
  query => "tags:Connection_new AND session_id:%{[session_id]}"
  fields => ["logdate", "started"]
}
if ![started] {
  mutate {
    add_tag => "Connection_new"
  }
}

However, this query returns an error for the .kibana index [No mapping found for [@timestamp] in order to sort on].
Is it possible to set the index for the query to search on using this plugin?

Thank you very much for any help.


#2

I've the same problem. Before version 2.0 you could add the index in the host but today it is no longer possible. I found this page: Specify index when using elasticsearch logstash filter but I haven't tried to patch the plugin.

