Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The amount of logs inserted in opensearch are too large #452

Open
ripperi8u opened this issue May 14, 2024 · 3 comments
Open

The amount of logs inserted in opensearch are too large #452

ripperi8u opened this issue May 14, 2024 · 3 comments
Labels
question Further information is requested

Comments

@ripperi8u
Copy link

As stated in the title,the processed logs in opensearch are too large. For example,there are many fields in the cloudtrail logs,such as "@message",it is raw log context.And what if i delete the "@message" field, will it be OK?
@nakajiak nakajiak added the question Further information is requested label Jun 6, 2024
@nakajiak
Copy link
Contributor

nakajiak commented Jun 6, 2024

That is good feedback. Would it be useful if there was an option to delete specific fields such as @message?

@ripperi8u
Copy link
Author

ripperi8u commented Jun 7, 2024
edited
Loading

That is good feedback. Would it be useful if there was an option to delete specific fields such as @message?

Yes, i think it will be good to configure it in user.ini

@qmugnier
Copy link

Any syntax to share?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ripperi8u @qmugnier @nakajiak