Logstash reading events from March 14th on March 16th

devops_training · March 24, 2025, 10:56am

Thanks team.

I read about the deduplication issue.

I Want to remove the duplicate events inside Logstash filter how could I do that? I mention the events below please have a look and suggest.

Duplicate events are overwritten.
If you have ILM policy where you can write to index for 2 days and if logstash will try to write that index ( duplciate events are updated not dropped)

we need to find a way to drop the event if it is overwriting or index based on logstash timestamp no issue will be seen, if it is from timestamp generated from the event metadata then issue starts.

Topic		Replies	Views
Logstash pushes duplicate logs to elasticsearch Logstash	0	17	March 19, 2025
Logstash pushing event to older index Logstash	10	51	January 28, 2025
[logstash.outputs.opensearch][main][9182 Retrying individual bulk actions that failed or were rejected by the previous bulk request {:count=>125} Elasticsearch	7	346	June 13, 2024
I can't parse my logs anymore Logstash	7	545	August 7, 2018
Error in logstash-plain-logs in /applog/logstash Logstash	2	23	October 10, 2024

Logstash reading events from March 14th on March 16th

Related topics