Example logstash.conf with multiline json to elasticsearch

kibana error - failed to format messages from /var/lib/containers/....json.log

filebeat config

"paths": [/var/lib/docker/cnotainers//.log"]
"fields": {"environement": "dev", "system" : "test" "level "application"},
"json.keys_uder_root": false, "tags" ["docker", "json", "dev"],
"multiline": [negate": true "pattern": "^\[|^[0-9]{4}-[0-9]{2}-[0-9] {2}",
"match": "after"}, "type": "log"},

works when sending directly to elastic search ...but cannot get to work through logstash to elasticsearch.

input beats in logstash. output elastic search

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.