Logstash (2.4.0) and Elasticsearch (2.4.1) missing .raw fields

Asked Nov 30 '16 at 20:19

Active Nov 30 '16 at 20:19

Viewed 183 times

I am a newbie to ELK and just found the raw fields missing from Elasticsearch as showed in Kibana below,

I checked Logstash data mapping as below,

and the simple Logstash configuration,

Could someone please shed a light on how to make both analysed and non analysed fields available?

Thanks, Sean

asked Nov 30 '16 at 20:19

Sean Sun

solving the issue by change manage_template to true. see http://stackoverflow.com/questions/33979226/where-do-raw-fields-come-from-when-using-logstash-with-elasticsearch-output – Sean Sun Dec 01 '16 at 03:17

0 Answers0