Filebeat with multiple path and index

stephenb · April 8, 2024, 2:27am

BTW you can also do this sending direct from Filebeat to Elasticsearch and you will still get all the benefits above that I mentioned.

filebeat.inputs:
- type: filestream
  id: my-filestream-id
  enabled: true
  paths:
    - /var/log/*.log
  fields_under_root: true
  fields:
    data_stream.type: logs
    data_stream.dataset: system_log
    data_stream.namespace: default

setup.ilm.enabled: false
setup.template.enabled: false
# setup.template.settings:
#   index.number_of_shards: 1

setup.kibana:

output.elasticsearch:
  hosts: ["http://localhost:9200"]
  index: "%{[data_stream.type]}-%{[data_stream.dataset]}-%{[data_stream.namespace]}"

Topic		Replies	Views
How to create multiple index from file beat log input in log-stash config Beats filebeat	9	2988	May 6, 2019
Multiple indexes not being created for multiple log files Beats filebeat	25	389	September 11, 2024
Configure multiple logs location on filebeat Beats filebeat	11	1396	February 9, 2023
Create custom index in Filebeat Beats docker , filebeat	1	257	May 3, 2024
Index and template conditions Beats filebeat	1	197	December 20, 2023

Filebeat with multiple path and index

Related Topics