Filebeat config - several apps on one server

Albert_Komst · March 28, 2022, 12:07pm

Hello,

I have few apps I would like to monitor on one server.
Filebeat config for app1 looks like below:

filebeat:
  inputs:
    - fields:
        fileset:
          module: app1
          name: debug
      fields_under_root: true
      multiline.match: after
      multiline.negate: true
      multiline.pattern: '^ERROR |WARN '
      multiline.timeout: 0.01s
      multiline.type: pattern
      paths:
      - /var/log/app1/app1_debug.log*
      scan_frequency: 10s
      tags:
      - app1
      - java
      type: log
    - exclude_lines:
      - ^172\.168\.121\.11
      - ^172\.168\.121\.122
      - ^.*\/app1\/acert_das
      fields:
        fileset:
          app: app1
          module: apache
          name: access
      fields_under_root: true
      paths:
      - /var/log/httpd/app1_access_log*
      scan_frequency: 15s
      tags:
      - app1
      - apache
      type: log

Probably trivial question as I'm new to ELK - can you advice what would be the best way to add e.g. app2 to the config?

Kind regards,

system · April 25, 2022, 2:08pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat configuration Beats filebeat	1	283	November 15, 2021
How to Create different index pattern for different filebeat server? Beats filebeat	5	2814	March 28, 2019
Filebeat Multiline Not Working At All, Please Help Beats	2	1266	August 27, 2020
File beat does not post the data to elk stack Beats filebeat	4	462	July 3, 2019
Filebeat 1.2.0. multiline Beats filebeat	12	2173	July 5, 2017

Filebeat config - several apps on one server

Related topics