jpereira
January 23, 2018, 1:11am
1
Hi folks,
I have some logs on my system that are jSON payload and I would like to know if can I use the "beat" to handle/ship the logs to the ES.
e.g: fileBeat can do that? I have tried, but non-success.
filebeat.prospectors:
- type: log
enabled: true
encoding: plain
exclude_files: ['.gz$']
scan_frequency: 1s
paths:
- /var/log/syslog-ng/json/node-token/*.log
input_type: log
# Output
output.elasticsearch:
protocol: https
username: "myuser"
password: "mypass"
hosts: [ "es.intra.net" ]```
pierhugues
January 23, 2018, 2:16am
2
Hello @jpereira ,
Yes it's possible to process logs that have a JSON payload using the json options for the prospector
You can get a bit more details on this discuss post or this blog post
Thanks
jpereira
January 23, 2018, 10:24pm
3
@pierhugues Thank you for taking the time to respond. Now is working perfectly!
ps: I have others issues, but I will create a new ticket.
1 Like
daved
January 23, 2018, 10:37pm
4
Also check out this answer which has the stuff for the (latest) 6.1 elastic stack: Custom filebeat template for JSON log lines
system
February 20, 2018, 10:37pm
5
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.