tag:blogger.com,1999:blog-8105621.post3284912924817067897..comments2023-10-07T03:46:44.740-04:00Comments on danno's blog: Lessons Learned with Logstash - Part IIAnonymoushttp://www.blogger.com/profile/05568413679911854575noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-8105621.post-29567026645142124582017-07-02T23:12:05.541-04:002017-07-02T23:12:05.541-04:00In the next article I'll go over the gory deta...<i>In the next article I'll go over the gory details of how to properly define the fields you intend to use. At a basic level, you use strict LS filter rules along with the dynamic field mapping capability to see what fields come across from LS to ES. It allows you to tweak your filter rules until only the fields you want are traversing the stack. From there you feed them back in as a template (along with changes to the field types) and voila! ES and LS suddenly seem to get along with each other.</i><br /><br /><br />You mean, like this? https://www.elastic.co/blog/logstash_lesson_elasticsearch_mappingAnonymousnoreply@blogger.com