I also tried below :
- specifying
"[appEvents][0][attribute_num][filesPendingForUpload]"
input {
elasticsearch {
hosts => "10.10.101.1:9200"
size => 10000
index => "backupindex"
}
}
output {
csv {
fields => ["userId", "timeStamp", "[backupSettings][backgroundUploading]", "[backupSettings][connectionType]", "[backupSettings][contactBackup]", "[backupSettings][contactPermission]", "[backupSettings][photoBackup]", "[backupSettings][photoQuality]", "[backupSettings][storagePermission]", "[backupSettings][videoBackup]", "[appEvents][0][attribute_num][filesPendingForUpload]"]
path => "/tmp/exp.csv"
}
}
- specifying
"[appEvents][attribute_num][filesPendingForUpload]"
Both did not helped me ... IN CSV , field was blank.