I have a filebeat which has 2 files, I would like to have exclude lines different for each one, is it possible to add exclude_lines per path?
the potential config is as below i.e. for access.log I want to exclude different lines while allowing the same lines to go through from the weblogic.log
Thanks for taking the time to read this,
filebeat.inputs: - type: log enabled: true paths: - /scratch/tmp/elk_docker/access.log exclude_lines:['\/health(\/[a-z]*)*\t200', '(?:.*registry)(?:.*\t200)'] - /scratch/tmp/elk_docker/weblogic.log exclude_lines:['BEA-000628', 'BEA-001128', '\/authorization\/rest\/[v0-9\.]+\/auth\/query\t200']