FileBeat Log Message combine

warnerrj79 · October 10, 2019, 3:29pm

Hi.
I am looking for a way (in FileBeat if possible) to combine log messages that are timestamped at the same time.
For example, I have an error log message with 9 lines. If I search for a certain word in the log via Kibana, it flags the log without a problem.
However, the rest of the error log message lines are not displayed because it doesn't satisfy the search criteria - but it is part of the same error log message.
Looks like elasticsearch is treating each line in the error message as a separate message line.
How can I combine the lines in the same error log message - so I can display the error message as one complete message?

Thanks.

warnerrj79 · October 10, 2019, 4:03pm

So i've found something called "View Surrounding Documents" in Kibana which enables me to do something similar. But is there any way to combine the message in the logging area?

system · November 7, 2019, 4:03pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Messages from different files are combined as one document Beats filebeat	3	938	July 5, 2017
Filebeat Issue - all log entries are merged in a single message instead of multiple messages Beats filebeat	5	2579	July 2, 2019
Filebeat send the entire logfile as a single message Beats filebeat	2	5354	March 9, 2018
Display complete multiline message Kibana	8	9643	July 6, 2017
Filebeat is sending multiple messages to elasticsearch Beats	1	432	December 3, 2019

FileBeat Log Message combine

Related Topics