If you have a unique ID in your documents or can create one based on the data in it, you can specify this as the `document_id` in the Elasticsearch output plugin. As long as you are not using time-based indices for these documents, this will result in the existing document getting updated for each new document.
Sometime it may make sense to store all the raw documents in a time-based index to keep track of the changes, but also keep the latest state in a non time-based index. You can then choose index based on whether you are looking for history or the current state.
When this event 'bgp session down' is received it means all routes being advertised so far, are not valid any more.
Then after the bgp session up , it will arrive new events with new updates that will repopulate the recently deleted/empty index.
I'll try the http output to see how it goes
NEW: Monitor These Apps!
Apache Lucene, Apache Solr and all other Apache Software Foundation project and their respective logos are trademarks of the Apache Software Foundation.
Elasticsearch, Kibana, Logstash, and Beats are trademarks of Elasticsearch BV, registered in the U.S. and in other countries. This site and Sematext Group is in no way affiliated with Elasticsearch BV.
Service operated by Sematext