ELK-stack: 7.10
Currently, I'm using filebeat to ingest logs to elasticsearch directly to an index (example: useract-*)
Since 7.9.1, I see a new feature called data-stream.
Question: How can we specify and make filebeat agent to be aware so as where to ingest the logs. I mean how can we enforce the filebeat to ingest logs to particular data-stream instead of traditional index?
I second this question. The documentation regarding what a data stream is and how to use it is clear but there seems to be nothing on how to use data streams with beats.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.