Meta data not written to logstash output file

eeijlar · March 9, 2023, 2:02pm

I am using the following logstash pipeline:

- pipeline.id: export-process
      pipeline.workers: 4
      config.string: |
        input {
          elasticsearch {
            hosts => "http://elastic:80/elasticsearch/"
            user => "elastic"
            password => ""
            ssl => "false"
            index => "metricbeat-*"
            docinfo => true
            query => '{
                "query": {
                  "bool": {
                    "filter": {
                      "range": {
                          "@timestamp": {
                          "gte": "now-35m",
                          "lte": "now",
                          "format": "strict_date_optional_time||epoch_millis"
                          }
                      }
                    }
                  }
              }
            }'
          }
        }
        output {
          file {
            gzip => "true"
            path => "/usr/share/logstash/export/export_%{[@metadata][_index]}.json.gz"
          }
        }

This however just creates raw blobs of json with no meta data surrounding the document such as the index it came from etc.

system · April 6, 2023, 2:02pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.