Netflow index issues

Hello everybody,

i tried to setup netflow logstash based on this tutorial :

https://www.elastic.co/guide/en/logstash/current/netflow-module.html

Everything works fine except the kibana dashboards

I get a lot of errors like following

Visualize: Fielddata is disabled on text fields by default. Set fielddata=true on [netflow.dst_addr] in order to load fielddata in memory by uninverting the inverted index. Note that this can however use significant memory. 

error.png1502×511 65.5 KB

I am not sure if i did something wrong or the provided index is broken

Please help

Best regards

Text fields by default cannot be used for aggregation. You have to either map the fields as keyword type or set fielddata to true for the text fields, which consumes more memory.

Keyword type https://www.elastic.co/guide/en/elasticsearch/reference/6.2/keyword.html

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.