I am implemented slow log queries in elasticsearch and shipping them to elasticsearch monitoring server using filebeat elasticsearch module. I am using default template called filebeat, basically using default settings.
The problem I am getting is the logs are indexing in elasticsearch the field names are doubling up like elasticsearch.slowlog.elasticsearch.slowlog.took, as you can check that elasticsearch.slowlog.took become elasticsearch.slowlog.elasticsearch.slowlog.took.
What i am doing wrong and what is the solution?
I am attaching one screenshot how fields are creating on elasticsearch.
What I am trying is keep the field as it is. like elasticsearch.slowlog.took.