Hi, Using ELK 7.14.0 release. I'm trying to excludes lines from IIS access log files. I've tried several methods but It still will not work. I've done that previously with logstash, but I prefer use a simplified architecture. Last try was to include the following line in filebeat.yml: processor…

Filebeat : how to exclude lines

Shaoranlaos (Christian Stockhaus) August 24, 2021, 7:45am 2

Have you tried the exclude_lines options on the input?
I'm using that since Version 5 to exclude some nonsensical lines (empty lines and separator lines) in our logs.

filebeat.inputs:
- type: log
  exclude_lines: [ "^-*$", "^$" ]
...

For your case it would probably be something like
excluse_lines: [ "OPTIONS" ]

Some word should not be transmitted

Topic		Replies	Views
Using the exclude_lines option Beats filebeat	6	2679	July 5, 2017
IIS Filebeat module exclude_lines not working Beats filebeat	4	845	April 30, 2019
Exclude file from being processed Beats filebeat	6	3992	November 1, 2018
How can i filter errors in filebeat Beats filebeat	5	798	June 24, 2021
Exclude_lines in filebeat does not work? Beats filebeat	9	834	January 16, 2023

Filebeat : how to exclude lines

Related topics