Hello Friends,
I have created a new logstash conf file for a new TCP syslogs collector and defined to send them to a new index. However on kibana the index pattern seems to have all but endpoint logs? Have I missed ay step? Please let me know what data I can share with you to find the cause.
Thank you,
Devashish Singh
Logstash by default concatenates all config files in the config directory into a single pipeline, which means all input data will go to all outputs unless you use conditionals. Each file is not a separate pipeline unless you specify this using the pipelines.yml file. Please see this blog post for more details.
Thanks @Christian_Dahlqvist .
I did define three different pipelines for three config files with different inputs configurations.
Logstash started giving errors hence I restored the original/default content of pipeline.yml
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.