Manage several data stream(s) in the Elasticsearch output with interpolation

Badly formatted index, after interpolation still contains placeholder

Just to give context, in case you are facing the error above, it's likely because the Elasticsearch output does not accept field names to compose the data_stream name like it does for a normal "index" name.

This will not work, for instance:

data_stream => true
data_stream_type => "logs"
data_stream_dataset => "%{[my_field]}"
data_stream_namespace => "%{[@metadata][version]}"

You should instead add the fields in a mutate filter, in the filter section, like @Pascal_Nuccio mentioned:

mutate {
  add_field => {
    "[data_stream][type]" => "logs"
    "[data_stream][dataset]" => "%{[my_field]}"
    "[data_stream][namespace]" => "%{[@metadata][version]}"
  }
}
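
The approach above as a complete pipeline fragment, added here as an example and not part of the original post: it interpolates only when the source fields exist, so no literal placeholder ends up in the name, and restricts event-supplied values to a conservative character allowlist before they become part of a data stream name. The host URL, the fallback values `generic` and `default`, and the allowlist are assumptions, as is the premise that events do not already carry `data_stream.*` fields.

```logstash
# Added example: hosts, fallback names and the allowlist are assumptions.
filter {
  # Interpolate only when both source values exist; otherwise sprintf would
  # leave the literal "%{[my_field]}" text in the field.
  if [my_field] and [@metadata][version] {
    mutate {
      add_field => {
        "[data_stream][type]"      => "logs"
        "[data_stream][dataset]"   => "%{[my_field]}"
        "[data_stream][namespace]" => "%{[@metadata][version]}"
      }
    }
  } else {
    mutate {
      add_field => {
        "[data_stream][type]"      => "logs"
        "[data_stream][dataset]"   => "generic"
        "[data_stream][namespace]" => "default"
      }
    }
  }

  # Separate mutate block: add_field is applied after a mutate's own
  # operations, so normalising in the block above would find no field yet.
  # Inside one mutate, gsub runs before lowercase, hence A-Z in the pattern.
  mutate {
    gsub => [
      "[data_stream][dataset]",   "[^A-Za-z0-9_.]", "_",
      "[data_stream][namespace]", "[^A-Za-z0-9_.]", "_"
    ]
    lowercase => ["[data_stream][dataset]", "[data_stream][namespace]"]
  }
}

output {
  elasticsearch {
    hosts => ["https://es.example.internal:9200"]   # placeholder host
    data_stream => true
    # No data_stream_dataset / data_stream_namespace here: with auto routing
    # (the default) the name comes from the event's [data_stream][*] fields.
    data_stream_auto_routing => true
  }
}
```

Because the dataset and namespace come from event content, anything that can write into `my_field` can otherwise cause new data streams to be created; the allowlist and fallback keep the set of possible names bounded to valid ones.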