ES Could not index events after update from RC3

[shipler]

After updating to GA from RC3 elasticsearch stopped indexing with the following error:
logstash -

Could not index event to Elasticsearch. {:status=>400, :action=>["index", {:_id=>nil, :_index=>"so-beats", :routing=>nil, :_type=>"_doc", :pipeline=>"beats.common"}, #Logstash::Event:0x1231231aa], :response=>{"index=>{"_index"=>"so-beats"," _type"=>"_doc", "_id=>"nil, "status"=>400, "error"=>{"type"=>"illegal_argument_exception","reason"=>"field [user.name] already exists"}}}}

[TOoSmOotH]

We made some changes to the ECS schema from RC3 to GA. You should be able to index new data once the index rolls over to the next day. https://docs.securityonion.net/en/2.3/release-notes.html explain it in more detail.