Bro dot problem

Hi all,
as you know, Elasticsearch is unable to manage fields with a dot separator.
Until now I've used the Bro JSON output: the output logs were sent to
Elasticsearch through Logstash; from Elasticsearch 2.0 this is not
possible.
Is there a way to substitute a dot with another character?
Thanks,
Vito

In logstash/elasticsearch there is a de_dot filter that works quite well. It has its bugs but it will get the work done.

See link:
https://www.elastic.co/guide/en/logstash/current/plugins-filters-de_dot.html
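
As an added example (not part of the thread, and not the de_dot plugin's code), the sketch below shows the two renaming strategies discussed here, a flat separator and nested sub-fields, applied to a Bro JSON record before it reaches Elasticsearch. The sample record, the function names and the choice to raise an error on field collisions are assumptions made for illustration.

```python
import json

# Constructed sample: one Bro conn.log record as written by the JSON log writer.
SAMPLE_LINE = (
    '{"ts":1446000000.0,"uid":"CExample1","id.orig_h":"10.0.0.5",'
    '"id.orig_p":51234,"id.resp_h":"192.0.2.10","id.resp_p":443,"proto":"tcp"}'
)


def de_dot(record, separator="_", nested=False):
    """Return a copy of record whose field names contain no dots.

    Flat mode joins the dotted parts with separator (id.orig_h -> id_orig_h).
    Nested mode builds sub-objects (id.orig_h -> {"id": {"orig_h": ...}}).
    Raises ValueError when two source fields would land on the same target,
    so a renamed field never silently overwrites another one.
    """
    out = {}
    for key, value in record.items():
        if isinstance(value, dict):
            value = de_dot(value, separator, nested)
        parts = key.split(".") if nested else [separator.join(key.split("."))]
        node = out
        for part in parts[:-1]:
            node = node.setdefault(part, {})
            if not isinstance(node, dict):
                raise ValueError("field collision on %r" % key)
        if parts[-1] in node:
            raise ValueError("field collision on %r" % key)
        node[parts[-1]] = value
    return out


def convert_line(line, separator="_", nested=False):
    """De-dot one JSON log line and return it re-serialized."""
    return json.dumps(de_dot(json.loads(line), separator, nested), sort_keys=True)


if __name__ == "__main__":
    print(convert_line(SAMPLE_LINE))
    print(convert_line(SAMPLE_LINE, nested=True))
```

Whichever form is chosen, saved searches and alert rules that reference `id.orig_h` style names have to be updated to the new field names.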

Check the patch in my repo

https://github.com/danielguerra69/bro-debian-elasticsearch.git