Hello,
i am actually using Filebeat in version 7.2.1
In the description for the exported fields are fields for log content described:
https://www.elastic.co/guide/en/beats/filebeat/master/exported-fields-log.html#exported-fields-log
But i cant find any ingest pipelines in the filebeat modules or in the code which produces such fields.
Question is which module produces the fields priority and severity for log files?
Hey @xtruthx
Please check this file: https://github.com/elastic/beats/blob/master/filebeat/_meta/fields.common.yml
Let me know if that helps
Hello @Michal_Pristas,
thx for the link to the information. But this is also only a information that they are a common part of filebeat. But it is still not clear when and how this fields will be exported or created. I am not able to produce them.
The syslog input:
When used correctly and when compatible syslog events are sent to it, will generate those fields from the syslog event that filebeat will parse.
Thx @martinr_ubi that was my missing link. I was to focused on it to find the module which is exporting the fields. My it should be more prominent in the documentation that that fields are linked to the input syslog.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.