"Hello Community,
I've always found great support here, and I'm hoping for the same assistance again. In my application, I'm dealing with three different types of logs. These logs are sent to Logstash via Filebeat, where they are parsed and relevant information is extracted. Each type of log has its own configuration file in Logstash, resulting in three separate indices in Elasticsearch. I can visualize these indices in Kibana.
All three types of logs share a common attribute/field. What I want to do is merge these logs based on this common attribute and analyze them collectively in Kibana. When I had a single-node Elasticsearch setup, I achieved this by creating a merge.conf file in Logstash, which mapped the common attribute from all three indices. I used to run this Logstash configuration file using cron jobs.
Now, I've migrated to a 3-node Elasticsearch cluster. I need guidance on how to achieve this merging and analysis considering the new cluster setup.
Thanks a lot in advance for your help!"