Hello there,
i have fleet server and iis integration on my elk stack. Elastic agent on the iis server ships "../Logfiles/..log" files to elasticsearch but it sends all log files on that folder(est. there are 2 years logs) I just want to send last 3 months logs. How can i set that?
ps: there are seperate log files for every day.
edit: i'm actually looking for ignore_older option.
Hi @tazemeta Welcome to the community!
What version of the agent are you running?
It looks to me that a pull request to fix this has been merged into main in the last couple weeks to support ignore_older.
Trying to figure out what version that is but at the worst it should be in the next version I suspect.
It would be possible to manually add this if you do standalone agent but suspect that you do not want to do that.
Ohh, that's a great news for me. Right now my agents' version is 8.3.3 and they are not standalone.
I've just updated my iis integration from 1.0.0 to 1.2.0 and it shows! Thanks so much!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.