OKJN
Reputation: 31
Issue with elasticsearch ingest pipeline drop processor
I have an elasticsearch ingest pipeline to ingest logs however I want to drop the document if it contains a certain string in the message field. I am trying to use the drop processor for this but the document does not seem to get dropped.
I have the following drop processor:
"drop": {
"if" : "ctx.message == '(^commit{dir=.+)'"
},
I am expecting this to drop any document with a matching expression in the message field but this is not happening. Am I misunderstanding how this processor works?
Thanks
Upvotes: 1
Views: 1715
Answers (1)
OKJN
Reputation: 31
Ok, so after much googling I found this https://github.com/elastic/elasticsearch/issues/36150
This is a known bug which is fixed in 7.4
Upvotes: 1
Related Questions
- How to specify the ingest pipeline
- ElasticSearch Ingest Pipeline Null Value Question
- Drop Processor on APM-Elastic
- Use Ingestion Pipeline to split between two indexes
- Conditional indexing not working in ingest node pipelines
- Elasticsearch ingest pipeline script processor fails to cast
- Elasticsearch Circle Ingest Processor on Amazon Elasticsearch Service
- How come my ElasticSearch ingest pipelines with multiple grok patterns are all failing?
- Performance Issue: rejected execution of org.elasticsearch.ingest.PipelineExecutionSService
- Error trying to simulate a pipeline