Update / delete an existing log entry using logstash

Question

Update / delete an existing log entry using logstash

Is there a way to tell logstash to delete / update some log entries from Elasticsearch? It seems that Logstash can index documents, but I have not found evidence that it can perform update / delete operations.

If possible, we can assume that we could “log” Elasticsearch operations and use Logstash to display them in bulk in Elasticsearch. Thus, the programmer does not need to create a mechanism for performing bulk operations on Elasticsearch.

+5

elasticsearch logstash

Heschoon Apr 17 '15 at 9:49

source share

1 answer

Heschoon · Accepted Answer · 2015-04-17T12:56:39+0000

Everything is in the docs .

To update an entry in Logstash, you need to provide the document ID in the documentid document, and the document will be replaced with new content.

To delete a document using logstash, specify its id in doc_id and set the action field to delete.

Update / delete an existing log entry using logstash

More articles: