I have an elasticsearch ingest pipeline to ingest logs however I want to drop the document if it contains a certain string in the message field. I am trying to use the drop processor for this but the document does not seem to get dropped.
I have the following drop processor:
"drop": {
"if" : "ctx.message == '(^commit{dir=.+)'"
},
I am expecting this to drop any document with a matching expression in the message field but this is not happening. Am I misunderstanding how this processor works?
Thanks
