Skip to content

[DOCS] Add grok and dissect support for runtime fields #68422

New issue
New issue
Closed
#69308
Closed
[DOCS] Add grok and dissect support for runtime fields#68422
#69308
Assignees
lockewritesdocs
Labels
:Search/SearchSearch-related issues that do not fall into other categories>docsGeneral docs changesTeam:DocsMeta label for docs teamTeam:SearchMeta label for search teamv7.13.0v8.0.0-alpha1
@lockewritesdocs

Description

@lockewritesdocs
lockewritesdocs
opened on Feb 2, 2021

#68088 added grok and dissect support for runtime fields. After talking with @nik9000, we should expand the runtime fields examples to include child pages specifically for grok and dissect. The new structure will have users index some fields and ingest data like on the current examples page, but then introduce new examples for grok and dissect that will operate on this data.

Grok example:

PUT localhost:9200/logs/_mappings
{
  "runtime" : {
    "message.clientip" : {
      "type" : "ip",
      "script": "emit(grok('%{COMMONAPACHELOG}').extract(doc["message"].value)?.clientip)"
    }
  }
}

Metadata

Metadata

Assignees

Labels

:Search/SearchSearch-related issues that do not fall into other categories>docsGeneral docs changesTeam:DocsMeta label for docs teamTeam:SearchMeta label for search teamv7.13.0v8.0.0-alpha1

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions