Filebeat is not shipping the entire log file


I'm new to filebeat and elastic search, I'm trying to ship the iis logs from a remote machine to elastic search. How can we make filebeat to ship all the lines from a log file at time, I see its shipping only one line from each log file. Is there any config I need to make change, i'm using default config file with latest filebeat version

(Steffen Siering) #2

filebeat normally splits the log files by lines and indexes every single line as document in elasticsearch. This way you can search for particular lines in elasticsearch/kibana.

(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.