FileBeat Log Message combine

warnerrj79 · October 10, 2019, 3:29pm

Hi.
I am looking for a way (in FileBeat if possible) to combine log messages that are timestamped at the same time.
For example, I have an error log message with 9 lines. If I search for a certain word in the log via Kibana, it flags the log without a problem.
However, the rest of the error log message lines are not displayed because it doesn't satisfy the search criteria - but it is part of the same error log message.
Looks like elasticsearch is treating each line in the error message as a separate message line.
How can I combine the lines in the same error log message - so I can display the error message as one complete message?

Thanks.

warnerrj79 · October 10, 2019, 4:03pm

So i've found something called "View Surrounding Documents" in Kibana which enables me to do something similar. But is there any way to combine the message in the logging area?

system · November 7, 2019, 4:03pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Messages from different files are combined as one document Beats filebeat	3	938	July 5, 2017
Filebeat Issue - all log entries are merged in a single message instead of multiple messages Beats filebeat	5	2588	July 2, 2019
Filebeat send the entire logfile as a single message Beats filebeat	2	5368	March 9, 2018
Display complete multiline message Kibana	8	9650	July 6, 2017
Configure filebeat to send only new events Beats filebeat	2	818	November 15, 2018

FileBeat Log Message combine

Related topics