theiamdude
theiamdude
/ filebeat.log
Created
August 4, 2016 04:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@ip-0-0-0-0 filebeat-1.2.3-x86_64]# ./filebeat -e -d "publish" | |
| 2016/08/04 04:38:18.690593 geolite.go:24: INFO GeoIP disabled: No paths were set under output.geoip.paths | |
| 2016/08/04 04:38:18.690750 logstash.go:106: INFO Max Retries set to: 3 | |
| 2016/08/04 04:38:18.691240 outputs.go:126: INFO Activated logstash as output plugin. | |
| 2016/08/04 04:38:18.691253 publish.go:232: DBG Create output worker | |
| 2016/08/04 04:38:18.691310 publish.go:274: DBG No output is defined to store the topology. The server fields might not be filled. | |
| 2016/08/04 04:38:18.691341 publish.go:288: INFO Publisher name: ip-0-0-0-0.ap-southeast-2.compute.internal | |
| 2016/08/04 04:38:18.691791 async.go:78: INFO Flush Interval set to: 1s | |
| 2016/08/04 04:38:18.691801 async.go:84: INFO Max Bulk Size set to: 2048 | |
| 2016/08/04 04:38:18.691810 async.go:92: DBG create bulk processing worker (interval=1s, bulk size=2048) |
theiamdude
/ filebeat_csv.yml
Created
August 4, 2016 04:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| filebeat: | |
| prospectors: | |
| paths: | |
| #- /var/log/*.log | |
| - "../logs/ldap*.csv" | |
| #- ../logs/access ## Wokring with no issue | |
| #- c:\programdata\elasticsearch\logs\* | |
| input_type: log | |
| document_type: ldap_access | |
| logstash: |