我有很多日志，每个日志都存储在以下xml文件中：

我想要达到的目标：
在elasticsearch中创建存储以下内容的字段：
mainactivitytext=“测试”
我的配置文件：

input {
    file {
        path => "/path/*.xml"
        start_position => "beginning"
        type => "xml"
        sincedb_path => "/dev/null"
        codec => multiline {
            pattern => "<Remarks"
            charset => "ISO8859-8"
            what => "previous"
            negate => "true"
        }
    }
} 

filter {
    xml {
        source => "message"
        store_xml => false
        force_array => false
        target => "Remarks"
        xpath => [
            "/Remarks/MainActivity/text()", "MainActivityText"
        ]
    }
} 

output {
    file
    {
        path => "/path/output.txt"
    }

    elasticsearch
    {
          hosts => ["https://elastic:9200"]
          user => "elastic"
          password => ""
          ssl => true
          ssl_certificate_verification => true
          cacert => "/path/sub_ca.crt"
          index => "test-%{+YYYY.MM}"
    }
}

但是输出不是我期望得到的。我只是将整个xml存储在索引中。