Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
K
K
Konstantin2015-08-03 17:46:12
elasticsearch
Konstantin, 2015-08-03 17:46:12

Why in Elasticsearch as backend of Logstash all fields are of string type?

Hello.
We are introducing the ELK stack into the infrastructure, we decided to do a pilot launch on nginx access logs. We installed everything, set up the collection, but when it came to analytics, it turned out that it was impossible to do any arithmetic aggregations in Kibana, after a short trial it turned out that all fields in ES have type: string and because of this it is impossible to do Sum or Avg.
I specifically flipped through a bunch of tutorials on installing ELK, but the mappings are not explicitly written anywhere, from which I can conclude that people have the right types out of the box.
Question: what did we do wrong and how can this situation be corrected without losing the data already collected?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
I
index0h, 2015-08-03
@index0h

Option A: register the template in ElasticSearch
Option B: register the mutation in Logstash

Similar questions
I
Ivan2021-12-19 00:41:26
How to make nginx custom log format in docker-compose? 1Reply
D
diqeeeeeeeeeeei2018-10-31 12:14:17
How to filter aggregation in elasticsearch? 0Reply
N
Nokyta2014-04-21 23:12:54
Is there an analogue of IN() in ElasticSearch for nested? 1Reply
S
Sergey2018-11-26 17:33:50
How to list the slowest requests? 1Reply
E
EmachinesDIMA2022-01-27 14:34:17
How can I configure logs to be sent to specific containers and not all running on the host? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question