Not able change type of a field string to date using index template

In elasticsearch 6.3 indexing windows log using Nxlog(3.7).

Without any template all the fields indexed as strings. To get a date field we tried to change the Eventdate field as date. But getting parsing error.

the below config used for index template
"EventTime": {
"type": "date",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
}

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.