tshark compatibility with Elasticsearch 7.x
Hi everyone,
I want to visualize the packets in Kibana. To do that, I followed this old post: https://www.elastic.co/blog/analyzing...
However, the mapping there was old, so I used this command line to get a valid mapping:
tshark -G elastic-mapping --elastic-mapping-filter ip,udp,dns
However, this gave me a mapping with duplicated fields. I removed the duplicated fields and then applied the template to Elasticsearch 7.6.2.
But this time it gave me an error like "Root mapping definition has unsupported parameters", so I assume there are some changes in the index structure with Elasticsearch 7.x.
Can you please have a look at it?
Thanks
https://ask.wireshark.org/question/15...
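
Elasticsearch 7.x removed mapping types, so a template whose "mappings" object still nests its fields under a type name is rejected with the error quoted in the post. The Python below is an added example, not part of the original post or of tshark: it parses a template, drops repeated field keys, and removes the type level. It assumes the generated template has the shape of the constructed sample; the type name "doc" and the field names are made up for illustration.

```python
import json

def load_dedup(text):
    """Parse JSON, keeping the first of any repeated key and recording its name."""
    dropped = []
    def hook(pairs):
        obj = {}
        for key, value in pairs:
            if key in obj:
                dropped.append(key)   # repeated key inside one JSON object
            else:
                obj[key] = value
        return obj
    return json.loads(text, object_pairs_hook=hook), dropped

def to_typeless(template):
    """Return a copy with a single mapping-type wrapper removed from "mappings"."""
    out = dict(template)
    mappings = out.get("mappings", {})
    # Typed layout: {"mappings": {"<type>": {"properties": ...}}}
    if "properties" not in mappings and len(mappings) == 1:
        body = next(iter(mappings.values()))
        if isinstance(body, dict) and "properties" in body:
            out["mappings"] = body    # typeless layout expected by 7.x
    return out

def convert(text):
    template, dropped = load_dedup(text)
    return to_typeless(template), dropped

# Constructed sample (assumed shape, not real tshark output).
SAMPLE = """
{"index_patterns": "packets-*",
 "mappings": {"doc": {"dynamic": false, "properties": {
   "timestamp": {"type": "date"},
   "layers": {"properties": {"ip": {"properties": {
     "ip_ip_src": {"type": "ip"},
     "ip_ip_src": {"type": "ip"},
     "ip_ip_dst": {"type": "ip"}}}}}}}}}
"""

if __name__ == "__main__":
    fixed, dropped = convert(SAMPLE)
    print(json.dumps(fixed, indent=2))
    print("dropped duplicate keys:", dropped)
```

The printed template can be compared against the original before it is uploaded; a template that is already typeless passes through unchanged.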