Hi
I have successfully setup elk stack version 7.5.2 and migrated one of my complete applications to send logs and get it to visualize on kibana. Now I am trying to onboard another application using filebeat and adding a field in the new application and sending logs to logstash in the same port but using if-else on the basis of the field and sending it on different index
The problem I am facing is I am sometimes getting few agents . hostname in kibana and something I am getting all plus there is sometimes a huge difference in the logs percentage
For reference I am sharing my logstash configuration :
input {
beats {
port => 5046
}
}
output {
if [type] == "ProjectA" {
elasticsearch {
hosts => ["X.X.X.X"]
index => "ProjectA-%{+YYYY.MM.dd}"
}
}
if [type] == "ProjectB"{
elasticsearch {
hosts => ["X.X.X.X"]
index => "ProjectB-%{+YYYY.MM.dd}"
}
}
}