Elasticsearch output with a time period

Hi all,

I have log files covering a long time period, such as 6 months or more. However, I need, for example, one day of it. Loading all the data into Kibana and then visualizing that day is expensive in terms of memory and disc space. I want to load only that specific day via Logstash, then process those logs.

The question is: Is there any way to tell Logstash to take just that specific time period or, for example, just the last week (the last week will keep updating as days pass)?

Any help will be appreciated.
