roongr2k7/filebeat.yml.j2

## filebeat.yml.j2
filebeat.prospectors:
- type: log
  enabled: true
  paths:
    - /var/lib/docker/containers/*/*.log
  multiline.pattern: '^[a-zA-Z0-9].+:'
  multiline.negate: true
  multiline.match:  after
  json.message_key: log
  json.keys_under_root: true
  processors:
  - add_docker_metadata: ~

output.elasticsearch:
  hosts: {{filebeat_elasticsearch_hosts|to_yaml}}
	filebeat.prospectors:
	- type: log
	enabled: true
	paths:
	- /var/lib/docker/containers//.log
	multiline.pattern: '^[a-zA-Z0-9].+:'
	multiline.negate: true
	multiline.match: after
	json.message_key: log
	json.keys_under_root: true
	processors:
	- add_docker_metadata: ~

	output.elasticsearch:
	hosts: {{filebeat_elasticsearch_hosts\|to_yaml}}