@abhishekraj2506
Last active June 28, 2018 04:57
###################### Filebeat Configuration Example #########################
#=========================== Filebeat prospectors =============================
filebeat.prospectors:
# Each - is a prospector. Most options can be set at the prospector level, so
# you can use different prospectors for various configurations.
# Below are the prospector specific configurations.
- input_type: log
  paths:
    - /var/log/app-fb.log
  # Custom field used by the output section to route events.
  fields:
    type: "normal"
  # Lines that do not start with '[' are appended to the previous line that
  # does, so multi-line entries such as stack traces stay in one event.
  multiline.pattern: '^\['
  multiline.negate: true
  multiline.match: after
  document_type: app-log
- input_type: log
  paths:
    - /var/log/nginx/access.log
  fields:
    type: "access"
  document_type: nginx-access
#========================================================
#================================ Outputs =====================================
# Configure what outputs to use when sending the data collected by the beat.
# Multiple outputs may be used.
#-------------------------- Elasticsearch output ------------------------------
output.elasticsearch:
  # Local node only; no TLS or credentials are configured here.
  hosts: ["localhost:9200"]
  # Select the daily index from the custom fields.type value.
  indices:
    - index: "normal-%{+yyyy.MM.dd}"
      when.equals:
        fields.type: "normal"
    - index: "access-%{+yyyy.MM.dd}"
      when.equals:
        fields.type: "access"
  # Select the ingest pipeline with the same condition.
  pipelines:
    - pipeline: application_log_pipeline
      when.equals:
        fields.type: "normal"
    - pipeline: access_log_pipeline
      when.equals:
        fields.type: "access"
#--------------------------------------------------------