Logstash and parsing submessage
I have 3 types of log messages
Adding date in elasticsearch index name doesn’t work
I have been using the following code for the elasticsearch output plugin of Logstash, but it creates the index named mt-raw-00001
Logstash fails to aggregate documents with similar timestamps
I have Logstash running on a server, receiving its input from Filebeat and sending its output to Elasticsearch. The inputs are of two types: “data arrival” and “sent data”. Each input of type “data arrival” should be paired with a specific input of type “sent data”. Logstash does this pairing by aggregating the inputs that have a common value for the field “port number”. The documents written in the Elasticsearch index merge the information contained in the paired “data arrival” and “sent data” inputs. In other words, these documents should not present the “data arrival” input individually (and similarly for the “sent data” input).
What is elasticsearch supported Logstash-output-jdbc plugin
My use case is to transfer data from Elasticsearch to Postgres. While exploring, I could find the logstash-output-jdbc plugin (https://github.com/theangryangel/logstash-output-jdbc?tab=readme-ov-file), but it does not seem to be officially supported and there can be vulnerabilities and risks. Can someone please point to the official link in the Elasticsearch guide where I can find this plugin?