Create folder to save logs from Filebeat

Donny_Nightfrost · April 5, 2019, 7:39am

Greetings, I have a simulation I wanted to try :

Filebeat (one agent or more) send logs to another machine (where Logstash located)
Logstash to receive the logs and do the filters
Logs will be saved on specified directory, e.g : /var/log/syslog

My question: Is it possible to make a directory for each agents / clients right after Logstash received the logs from FIlebeat so that the logs will be separated by host name? Thanks

Badger · April 5, 2019, 12:32pm

Filebeat includes the hostname in the events. You can use a sprintf reference in the output to refer to that hostname.

system · May 3, 2019, 12:32pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to specified the target location to store the log file Beats filebeat	7	6573	July 5, 2017
Filebeat doesn't send logs to logstash in client server architecture Beats filebeat	11	7220	July 5, 2017
Can filebeat send to different LS servers based on hostname criteria Beats filebeat	3	634	December 14, 2018
Filebeat unable to ship logs to Logstash Beats filebeat	2	210	October 17, 2022
Filebeat to send to Multiple Logstash Sever Beats filebeat	2	1422	April 9, 2018

Create folder to save logs from Filebeat

Related topics