I'm using Filebeat as a docker container and I keep having problems with trying make sure that nginx error logs and access logs go to the right place. It seems that they just go to both places. I setup a different logstash port for each one.
I've also tried using /var/log/nginx/access*.log* as one of the paths, but each filebeat container will still read all of the log files. Am i doing something wrong? Should I upgrade the container to the latest version?
They are using different logstash processes, so they are on different ports. When I check kibana, it shows that the same lines are in 2 different indexes defined for each different logstash port. And the source lists the same file, so this would mean it's just reading all of the logs instead of following the paths I have define.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.