Logstash Extract Elasticsearch Nested Fields

tusharnemade · June 14, 2021, 4:52pm

I also tried below :

specifying "[appEvents][0][attribute_num][filesPendingForUpload]"

input {
  elasticsearch {
    hosts => "10.10.101.1:9200"
    size => 10000
    index => "backupindex"
  }
}



output {
  csv {
    fields => ["userId", "timeStamp", "[backupSettings][backgroundUploading]", "[backupSettings][connectionType]", "[backupSettings][contactBackup]", "[backupSettings][contactPermission]", "[backupSettings][photoBackup]", "[backupSettings][photoQuality]", "[backupSettings][storagePermission]", "[backupSettings][videoBackup]", "[appEvents][0][attribute_num][filesPendingForUpload]"]
    path => "/tmp/exp.csv"
  }
}

specifying "[appEvents][attribute_num][filesPendingForUpload]"

Both did not helped me ... IN CSV , field was blank.

Topic		Replies	Views
Logstash. Export data from Elasticsearch's nested field Logstash	8	1594	August 13, 2020
Logstash CSV Output all fields are not working Logstash	3	848	September 30, 2021
Logstash : How to extract a nested field from Json log and only index the content of the nested field Logstash	6	1728	November 24, 2022
Importing into nested document using logstash Logstash	1	1439	September 22, 2017
Logstash - output csv plugin - all fields are strings Logstash	7	726	April 27, 2021

Logstash Extract Elasticsearch Nested Fields

Related Topics