Hi Team,
I am trying to use processors to limit data but drop fields and events not working together.
processors:
drop events:
regexp:
system.process.name: "svchost*"
drop_fields:
fields: ["_id", "_index", "_score"]
ignore_missing: True
'''
Please if anyone can help.
Hi Team,
Need some help here
Regards
Nirav
What do you mean by "not working"?
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.