Filebeat with multiple path and index

stephenb · April 8, 2024, 2:27am

BTW you can also do this sending direct from Filebeat to Elasticsearch and you will still get all the benefits above that I mentioned.

filebeat.inputs:
- type: filestream
  id: my-filestream-id
  enabled: true
  paths:
    - /var/log/*.log
  fields_under_root: true
  fields:
    data_stream.type: logs
    data_stream.dataset: system_log
    data_stream.namespace: default

setup.ilm.enabled: false
setup.template.enabled: false
# setup.template.settings:
#   index.number_of_shards: 1

setup.kibana:

output.elasticsearch:
  hosts: ["http://localhost:9200"]
  index: "%{[data_stream.type]}-%{[data_stream.dataset]}-%{[data_stream.namespace]}"

Topic		Replies	Views
Create different Indices for different filebeat folder location Logstash	3	1206	June 18, 2018
How to create multiple index from file beat log input in log-stash config Beats filebeat	9	2988	May 6, 2019
Filebeat 7.11.0 multiples path and multiples index Beats filebeat	1	180	August 24, 2022
Unable to use 2 fie log and 2 different index for them Elasticsearch	1	150	February 17, 2023
Multiple logs to different index - Filebeat Beats filebeat	3	1186	December 18, 2020

Filebeat with multiple path and index

Related topics