Not able to index array in logstash

Mohit_Gupta2 · July 19, 2023, 11:11am

As it says, Logstash is not able to index array of strings or any kind of string for that matter.
eg. - country :["some_name"] is not mapped while country: '["some_name"]' is indexed although it is showing the unmapped field in log_entry .
logstash.conf

input {
  mongodb {
    uri => "mongo_uri"
    placeholder_db_dir => "/usr/share/logstash/"
    placeholder_db_name => "logstash_sqlite.db"
    collection => "test"
    batch_size => 50000
  }
}

 

filter {
  mutate {
    remove_field => ["_id"]
  }
}
output {
  elasticsearch {
    hosts => ["http://ip:9200/"]
    index => "test"
  }

system · August 16, 2023, 11:12am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash pipeline indexing error Logstash	3	139	March 11, 2024
Logstash fails to parse array index from URL Logstash	1	542	July 6, 2017
Could not index event to Elasticsearch Logstash	2	340	May 31, 2021
Some application logs are not getting indexed Logstash	6	905	November 24, 2021
Data can not be indexed Logstash	15	6248	September 21, 2018

Not able to index array in logstash

Related Topics