It is unclear what you want in the created field. Do you want a string with the 4 things concatenated (which you can do using grok and mutate+gsub), or an array of 2 strings, or an array of 4 strings (both of which can be done using ruby).
It is unclear what you want in the created field. Do you want a string with the 4 things concatenated (which you can do using grok and mutate+gsub), or an array of 2 strings, or an array of 4 strings (both of which can be done using ruby).
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.