Support for script_fields

[consulthys]

Right now, this plugin only supports retrieving data from the _source field. Since the query parameter support the full search DSL, it would be great to also be able to enrich the event with data coming from script_fields.

For instance, it should be possible to configure the elasticsearch input like this:

input {
   elasticsearch {
     hosts => ["localhost:9200"]
     index => "twitter"
     query => '{"script_fields": {"ts": {"script": "doc._timestamp.value"}}, "_source":["*"]}'
     script_fields => true
  }
}

And the resulting events should look like this

{
       "message" => "My Tweet",
          "user" => 5672323424242,
            "ts" => 1496806671021,
      "@version" => "1",
    "@timestamp" => "2017-06-07T05:40:14.233Z"
}

[xiaoxuez]

Hi, I want to use this feather, but i get the gem from '/bin/logstash-plugin install ..' which version is 4.0.3, could u update the image to 4.0.4 ? thx