dgunter / evtxtoelk

A lightweight tool to load Windows Event Log evtx files into Elasticsearch.
MIT License
115 stars, 27 forks

Had to comment out _type field #5

Closed: reswob10 closed this 2 years ago

reswob10 commented 2 years ago

I just used this tool on Linux to import into an ELK stack. Works great, but I had to comment out the line that assigned a _type field because Elasticsearch said that field value was invalid. This is with ES 8.3.3.

Otherwise, works great.

alex87fr commented 2 years ago

The same... But how to replace "_type", please?

It's working great.

joseraeiro commented 2 years ago

Yes, could you please explain in more detail how (and where) you were able to comment out the line that assigned a _type field?

dgunter commented 2 years ago

Going to fix this issue this week with issue #6. It's an ELK 8 change we need to make on our end.