Deduplication in tshark -T ek

Hi folks,

I'm trying to import a network dump, which I created via tshark -i en1 -T ek > packets.json, into Elasticsearch.

Using the bulk importer of Elasticsearch, the import fails because there are duplicate names for the fields. I think that since version 6.0 Elasticsearch is stricter when it comes to checking for duplicates.

So, my question is: why are there some duplicate names for fields, like ip_ip_addr or ip_text? In my understanding they should have unique names, so that you can import those data into Elasticsearch.

Thank you for your help and BR Christoph
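As an added example (not part of the question above, and not tshark or Elasticsearch code), the snippet below shows how to detect the repeated keys in the ek NDJSON and merge them into lists before a bulk import, so neither the importer nor Python's default json.loads (which silently keeps only the last value) drops data. The sample lines, the field names beyond ip_ip_addr and ip_text, and the choice to merge duplicates into a list rather than keep the first value are constructed assumptions for illustration.

```python
import json


def merge_duplicate_pairs(pairs):
    """object_pairs_hook for json.loads: a key that repeats inside one
    object is collapsed into a list of all its values (order preserved).
    json.loads applies this hook to every nested object, so duplicates
    inside "layers" -> "ip" are handled as well as top-level ones."""
    merged = {}
    duplicated = set()
    for key, value in pairs:
        if key not in merged:
            merged[key] = value
        elif key in duplicated:
            merged[key].append(value)
        else:
            merged[key] = [merged[key], value]
            duplicated.add(key)
    return merged


def dedupe_ek_docs(text):
    """Parse an ek-style NDJSON stream (action line, document line, ...)
    into Python dicts with duplicate keys merged; blank lines are skipped."""
    docs = []
    for line in text.splitlines():
        if line.strip():
            docs.append(json.loads(line, object_pairs_hook=merge_duplicate_pairs))
    return docs


def dedupe_ek_stream(text):
    """Re-serialise the stream as one JSON object per line, which is the
    shape the Elasticsearch bulk API expects; every key is now unique."""
    return "\n".join(json.dumps(doc, separators=(",", ":"))
                     for doc in dedupe_ek_docs(text)) + "\n"


# Constructed sample, modelled loosely on ek output (not real tshark data):
# an index action line followed by a packet document with repeated keys.
SAMPLE_EK = (
    '{"index":{"_index":"packets-example","_type":"pcap_file"}}\n'
    '{"timestamp":"1546300800000","layers":{"ip":{'
    '"ip_ip_addr":"10.0.0.1","ip_ip_addr":"10.0.0.2",'
    '"ip_text":"Source: 10.0.0.1","ip_text":"Destination: 10.0.0.2"}}}\n'
)

if __name__ == "__main__":
    print(dedupe_ek_stream(SAMPLE_EK), end="")
```

Pipe the cleaned stream into the bulk endpoint instead of the raw packets.json; the merged list values are what the original duplicate keys carried, so nothing is lost.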