search

opendistro-for-elasticsearch / sample-code

👋 Welcome to the Open Distro sample-code area. Share your great ideas and code samples with the Open Distro Community.
https://github.com/opendistro-for-elasticsearch/sample-code
Apache License 2.0
278 stars 81 forks source link

Ingest Node - Grok Processor #239

Closed christopherfriedrich closed 3 years ago

christopherfriedrich commented 3 years ago

Hi guys,

i am trying to transform my documents in opendistro elasticsearch with an ingest pipeline with a grok processor (i also enabled the security feature and use the admin user for everything). So i created a pipeline using the REST API (PUT _ingest/pipeline/my-pipeline) and configured filebeat to use this pipeline:

output:
    elasticsearch:
       …
       pipeline: my-pipeline
       …

But when watching the documents, they are not transformed, and it seems like the pipeline is ignored. Filebeat connects to the elasticsearch container and the logs are shown there but the transformation was not executed. I tested it with the elastic-oss image and it works there. Any ideas?

Jon-AtAWS commented 3 years ago

Hi @christopherfriedrich,

Sorry for the long delay. I don't have an answer, but could you please re-ask your question on this forum: https://discuss.opendistrocommunity.dev/c/general-elasticsearch/10.

Thanks,

Jon