Hi,
My log files are in this format :
https://pastebin.com/6aWqWUiY
so I use Filebeat to feed elasticsearch with my logs but when I create an index template in Kibana I have 305 fields and some are related to apache2, nginx, ...
I don't need all those fields so is it possible to remove them without using Logtash ?
Sorry for my bad English ^^
Sorry for my bad English ^^
Which part is bad? No worries... I'm not native either. BTW as your name sounds french, you might want to know that we have a dedicated forum en français in Discussions en français
I don't need all those fields so is it possible to remove them without using Logtash ?
You can probably modify the template in filebeat by changing fields.yml.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.