New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Logs+] Add JSON parsing pipeline #95522
Comments
Pinging @elastic/es-data-management (Team:Data Management) |
This issue is currently blocked on #95782 |
@felixbarny I think of adding exactly what you proposed in your prototype, only with |
One issue with having a managed pipeline referring to another managed pipeline is that we'd need to add a dependency-validation to make sure that the dependee pipeline is installed before the dependent pipeline. This would add some complexity for multiple reasons:
One option is to add a |
I don't think so as the pipeline would be re-installed
I think something like that could work. The question is where users would set that, though. I suppose the answer is that they can set it in the
As a simple workaround, can we just set the |
That's what I meant with
not ideal and I am not sure how to do that, but an option
It is not only a problem of whether or not there is an error due to the pipeline, it is also the problem of race condition when installing them concurrently, which may lead to indexing inconsistency. Maybe we can simply leave with that. |
Enhancing the
logs-*-*
index template with a default ingest pipeline that is first doing a pre-flight check if themessage
field might be JSON and then uses the JSON processor to decode the JSON and merge it top-level with the document.See also this prototype: https://gist.github.com/felixbarny/a9a2f6243153d5508643fd95ac968a88#file-routing-yml-L114-L174
Open questions and things to consider
The text was updated successfully, but these errors were encountered: