How can i get the folder name of a file sent by filebeat??
i tried this:
> grok {
> path => "/path/to/folder/%{WORD:foldername}/%{GREEDYDATA}"
> }
but it s not working 
That's not what a grok filter looks like. It has the following form:
grok {
match => {
"name of field to match against" => "grok expression"
}
}
There are concrete examples in the documentation.