Integration Name
Custom Logs (Filestream) [filestream]
Dataset Name
No response
Integration Version
Any
Agent Version
Irrelevant
Agent Output Type
elasticsearch
Elasticsearch Version
Any
OS Version and Architecture
Irellevant
Software/API Version
No response
Error Message
No response
Event Original
No response
What did you do?
Installed the integration and started ingesting data
What did you see?
The Filestream Integration mappings set log.offset to keyword vs the other Integrations (where applicable) sets the field to long, causing mapping conflicts in the logs-* data view. Having the mapping issue here will cause issues down the line with dashboards, visualisations, etc.
What did you expect to see?
No mapping conflicts
Anything else?
Mapping examples from different integrations
Integration Name
Custom Logs (Filestream) [filestream]
Dataset Name
No response
Integration Version
Any
Agent Version
Irrelevant
Agent Output Type
elasticsearch
Elasticsearch Version
Any
OS Version and Architecture
Irellevant
Software/API Version
No response
Error Message
No response
Event Original
No response
What did you do?
Installed the integration and started ingesting data
What did you see?
The Filestream Integration mappings set log.offset to keyword vs the other Integrations (where applicable) sets the field to long, causing mapping conflicts in the logs-* data view. Having the mapping issue here will cause issues down the line with dashboards, visualisations, etc.
What did you expect to see?
No mapping conflicts
Anything else?
Mapping examples from different integrations