Custom Index for Functionbeat

sainath · September 15, 2020, 11:22am

Hi Team, I am trying to deploy function beat to read AWS logs which i am succesfully able to do.

However, i require different index to be created in Elasticsearch for different log groups.Below id the elasticsearch output condition i used, which isnt working.

output.elasticsearch:
  # Array of hosts to connect to.
  hosts: ["10.10.10.10:9200"]
  indices:
    - index: "xyz"
      when.contains:
      log_group: "ec2"

I also tried providing the full log groups name under the log_group.
Elastic search version : 7.7.1
Functionbeat version : 7.9.0
Please help me to understand and resolve the issue.

sainath · September 16, 2020, 8:40am

Team, Is there anything i can try? I'd really appreciate any guidance. Thanks!

mtojek · September 16, 2020, 10:07am

Here is a similar thread: Handling multiples modules output to multiples indexes, good practice?

sainath · October 14, 2020, 11:37am

Able to create new index by using below configuration on top of output.elasticsearch in functionbeat.yml

setup.ilm.enabled: false
setup.template.name: "xyz"
setup.template.pattern: "xyz-*"
output.elasticsearch:

Arzu_Atalik · October 28, 2020, 1:12pm

Egsyefsi 5wvuxtsy7wfehd7sfshfsydgxhs6svcbysicjdhufushdufhshfsfshd8chfgdjxydhjehdfeu

Fyzvdusgfyzhdns7r
Sfhd5sgddgdydyýd
Dyehdhdudud dudduat

Topic		Replies	Views
Creating New Indices using Functionbeat Beats functionbeat	4	563	October 20, 2020
Functionbeat Sending to Wrong Index Beats functionbeat	1	454	July 16, 2019
How to ship multiple cloud watch log group to logstash and store them in elasticsearch cluster in individual indices Beats functionbeat	3	511	May 18, 2020
Indices con diferentes nombres Elastic en Español	2	279	February 20, 2024
How to let Functionbeat write to multiple indices Beats functionbeat	3	513	March 1, 2021

Custom Index for Functionbeat

Related topics