Hello
Our elk stack is on version 7.6.2
A few days ago we pushed on our team logstash as secure to enable x-pack
we dit same for elastic nodes also kibana
Since we did that logstash is sending weird logs and parameters
example:
parameters.(,dateformat"
parameters."employeeNumber","employeeName","...
is sending almost everything on a message as a parameter!!
We did not changed the filters
Does anyone know why this is happening?
Thank you
except that i'm wrong about whats adding those weird fields and it's more an elastic problem?
It's not really clear what the issue is here.
Can you show an example event?
have deleted confidential stuff on screen
If this can explain. Since elastic stack upgrade to secure with certificates, a lot of parameters are coming as a field, but they should not
before, i hade basic parameters like:
parameters.nb_current_entry
parameters.employeeName
parameters.baseSource
now, i have what you see on screen
but also:
parameters.(elskf'.
parameters.(0elfsg
those kind of things
almost everything on a message is going up as a parameter and so as a field..
Maybe someone has an option or idea to exclude those bad parameters using filters on logstash?
if for example a field start with [,(,,/," just ignore the field creation
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.