I'm using an elasticsearch cluster with the following configuration:
and in addition I have a field which I use as the timestamp from my inputs, this field comes in different formats so I've added multiple formats to it per the documentation:
and I'm getting tones of those messages:
I've change the mapping on my ES and for this field and it shows as follow:
I've stopped the logstash deamon and delete all the indices to make sure its not because the current index is already define but with the same errors. I'm not sure if I'm missing something or it is just a bug...
Rudy