Edit: I must have missed a part where you had to remove the elasticsearch portion from the config.yml. In previous versions removing it broke it.
Hopefully I explain this correct: Running filebeat with two prospectors (configs below). After I start filebeat the syslog and corelogger prospector launch and initially pushes some logs but then after a quick burst, stops shipping them. The log files in question continually get written to (about 2 or 3 lines/second) and it's nothing significant in terms of size.
version: filebeat 1.0.0
filebeat: registry_file: /var/lib/filebeat/registry config_dir: /etc/filebeat output: elasticsearch: enabled: false hosts: ["localhost:9200"] logstash: enabled: true hosts: ["my-host.com:5044"] shipper:
filebeat: prospectors: - paths: - /var/log/syslog - /var/log/auth.log input_type: log document_type: syslog
filebeat: prospectors: - paths: - /var/log/myapp/stats.log input_type: log document_type: corelogger
I looked over some of the default configs for the prospector but I don't see one that makes sense to change outside of its default value. Any help is appreciated.