Hello can some please help me get the condition set correctly. I want to create multiple index based on source file. So i used document_type to identify the different input file. When i try to specify condition i get error. I am not using logstash. filebeat.prospectors: # Each - is a prospector. M…

In this case you can do the following, in your filebeat YAML configure the fields for each inputs: - type: log enabled: true paths: - /var/log/*.log fields: document_type: "mycustomtype" In the elasticsearch output you can use field reference to access this field and configure the in…

pierhugues (Pier-Hugues Pellerin) March 30, 2018, 5:36pm 5

In this case it's similar to what I've replied in Using a regex in the custom field of Filebeat

Topic		Replies	Views
Filebeat Config Failure Beats filebeat	2	474	June 2, 2021
If condition in logstash filter - not working Logstash	7	1942	February 14, 2019
Not able to create /see any indexs in elasticsearch Beats filebeat	2	333	November 13, 2018
Filebeat with Logstash failed to create Index Beats filebeat	9	1297	May 28, 2021
Filebeat: Select index based on prospector Beats filebeat	2	2179	August 16, 2017

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.

ERR failed to initialize elasticsearch plugin as output: missing condition

Related topics