Joey,
I just used ES templates directly, like this:
curl -XPUT "http://localhost:9200/_template/geoip"; -d '
{
"template":"graylog_*",
"mappings":{
"message":{
"properties":{
"DestinationIP_geopoint":{
"type":"geo_point"
},
Jesse, any chance you would consider posting the template you used for
this? I think we are both doing something similar. I have written a
Graylog plugin which retrieves geo-location data from a local server using
a RESTful API. The lat/lon is stored as a field in Elasticsearch, however
when
Hi Kay! Thanks for the detailed response. Using templates is the route we
took and it works great. One shortcoming is that you must know the names of
the fields to define them in the template. If you're coding a plugin that
dynamically adds fields back to the message, and you can't know the name
Hi Jesse!
> On 23 Jun 2015, at 00:11, Jesse Skrivseth wrote:
>
> The Message class has several field types that can be explicitly declared
> when adding fields to messages. It seems to support:
>
> Double
> Long
> String
>
> If I want to attach a field as a custom elastic type such as "geo_po
The Message class has several field types that can be explicitly declared
when adding fields to messages. It seems to support:
Double
Long
String
If I want to attach a field as a custom elastic type such as "geo_point",
how can I declare this custom type? Without a custom type, my current
form
