
Problem sending data to Elastic Data Stream

Stevengoossens Posts: 1

Hi,

I’ve configured an index template in Elastic for a specific log source and set it to use a data stream instead of the indices.

Whenever Cribl starts sending data, the data stream is created, but no data is added to it. I presume this has something to do with the _bulk API, since data streams only support the op_type create.

Does anyone have a working configuration for logging towards data streams in Elastic?
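The constraint mentioned in the question, as an added example that is not part of the original posts and is not Cribl or Elastic code: an offline check over a captured `_bulk` request body that flags the two things a data stream rejects on append, an action other than `create` and a source document without `@timestamp`. The function names, the stream name `logs-example-default` and the sample body are assumptions constructed for illustration.

```python
import json

# Bulk actions that are followed by a source/partial document on the next line.
ACTIONS_WITH_SOURCE = {"create", "index", "update"}

def build_bulk_body(stream, events):
    """Serialize events as an NDJSON _bulk body using only `create` actions."""
    lines = []
    for event in events:
        if "@timestamp" not in event:
            raise ValueError("data stream documents need an @timestamp field")
        lines.append(json.dumps({"create": {"_index": stream}}))
        lines.append(json.dumps(event))
    return "\n".join(lines) + "\n"  # a _bulk body must end with a newline

def check_bulk_body(body):
    """Return (line_number, problem) pairs for a _bulk body aimed at a data stream."""
    problems = []
    lines = [line for line in body.split("\n") if line.strip()]
    i = 0
    while i < len(lines):
        action = next(iter(json.loads(lines[i])))  # the single key names the action
        if action != "create":
            problems.append((i + 1, f"action '{action}' is not 'create'"))
        if action in ACTIONS_WITH_SOURCE:
            i += 1  # step onto the document line that belongs to this action
            if i >= len(lines):
                problems.append((i, "action has no source document"))
                break
            if action != "update" and "@timestamp" not in json.loads(lines[i]):
                problems.append((i + 1, "source document has no @timestamp"))
        i += 1
    return problems

# Constructed sample: the first pair is well formed, the second uses `index`
# and its document has no @timestamp field.
SAMPLE = (
    '{"create": {"_index": "logs-example-default"}}\n'
    '{"@timestamp": "2024-01-01T00:00:00Z", "message": "login ok"}\n'
    '{"index": {"_index": "logs-example-default"}}\n'
    '{"message": "login failed"}\n'
)

if __name__ == "__main__":
    for line_no, problem in check_bulk_body(SAMPLE):
        print(f"line {line_no}: {problem}")
```

Line numbers in the result count non-empty lines of the body, so they match a capture that has no blank lines.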

Answers

  • Kyle McCririe Posts: 29 ✭✭

    The Elastic Search destination should work with Data Streams and should work with the _bulk API.

    What do you have set as the Type? What version of Stream are you on? What version of Elastic are you running?

    Are there any logs in Stream that give any more info?