Transform Logs in Elasticsearch


We have the problem that we changed our Filebeat to write directly into Elasticsearch and our logs aren't split into specific fields anymore. Do I have to write my logs into Elasticsearch with Logstash to split them into fields, or do I have the possibility in Elasticsearch as well?

You can use ingest node to do this in Elasticsearch before they are indexed, see and
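An ingest pipeline of the kind the reply refers to, as an added example that is not part of the original thread. The pipeline name `app-logs`, the field names and the sample log line are constructed for illustration; the pattern has to be adapted to the real log format.

```console
# Added example: pipeline name, field names and sample line are assumptions.
# Define a pipeline that splits the raw "message" field before indexing.
PUT _ingest/pipeline/app-logs
{
  "description": "Split raw Filebeat message lines into fields before indexing",
  "processors": [
    {
      "dissect": {
        "field": "message",
        "pattern": "%{log_timestamp} %{level} %{component} %{detail}"
      }
    },
    {
      "date": {
        "field": "log_timestamp",
        "formats": ["ISO8601"],
        "target_field": "@timestamp"
      }
    },
    {
      "remove": { "field": "log_timestamp" }
    }
  ],
  "on_failure": [
    {
      "set": {
        "field": "error.message",
        "value": "{{ _ingest.on_failure_message }}"
      }
    }
  ]
}

# Dry-run the pipeline against a constructed log line before sending real traffic.
POST _ingest/pipeline/app-logs/_simulate
{
  "docs": [
    { "_source": { "message": "2024-05-14T09:21:07Z WARN auth login failed for user alice from 203.0.113.7" } }
  ]
}
```

Filebeat applies the pipeline when `pipeline: app-logs` is set under `output.elasticsearch` in `filebeat.yml`. The `on_failure` handler keeps lines that do not match the pattern in the index with an `error.message` field instead of rejecting them, so unparsed events are not lost.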
