I have a question regarding the parsing of multiple log files (of similar type) by Logstash.
Scenario:
My application generates log files every day (2 log files a day), named intranet-YYYY-MM-DD-PORT.log, like below:
My need is to parse these log files every day, send them to Elastic and prepare the graphs/visualizations.
Basically, from the logs I want to know how many errors per day the application is generating, how much time the application is taking to restart every day, etc.
Hello AClerk,
Thanks for your reply.
My need is that I want to inject/push log data every day from the log folder to Elasticsearch, and based on the daily log data I want to create visualizations.
For the moment I have C:\ELK\intralogs, where I place all the logs like below:
When I execute Logstash it just reads and parses only one log file (i.e. intranet-2021-02-20-8400).
Just to let you know, I created an index pattern where I just see the data from only one log (for example intranet-2021-02-20-8400).
So my question is how to parse and send all the log files on a daily basis to Elasticsearch so that my index pattern also keeps updating with the latest logs?