So i am sending data of event viewer through winlogbeat to kibana. Actually my event_data.boottime value is coming in string format and i wanted this data field in number format. I have tried changing the format in winlogbeat.template.json but its not working.boot time field
Asked
Active
Viewed 483 times
1 Answers
0
You need to make sure the mapping is defined correctly so that the data is automatically converted and save in required format by elastic.
"boot_time": {
"type": "long"
}
You can check the current mapping of your type by using
http://elasticip:port/indexname/typename/_mapping
lrathod
- 1,094
- 1
- 9
- 17