I support an environment similar to AWS where the server names are of limited(/no) value in their raw form, so we have aliased them such that they are meaningful. If the server were rebuilt the zname would change, but the alias not.
I require all data captured in elastic to reference the alias and not the zname.
What do I need to do to make that happen?
You'd need to make your ingest process use it.
Sorry, are you able to explain what you mean by "make your ingest process use it"? Thanks
You'd have to create something to do the rename as you index the data into Elasticsearch.
So an ingest pipeline, Logstash, something custom.
We may have found a way, in that we have defined a host friendly name in the metric beats config, which seems to be appended to all the indexes, so we just need to make sure that that variable is visualised when building visualisations.
This is hopefully simpler than building out some code to rename content on the fly.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.