Hello All,
I want to view and query the lttng traces using ELK. What is the best way to do this? I don't see any corresponding input type in filebeat documentation.
Any pointers?
Regards,
Bhaskar
Hello,
You can simply use logsatsh if you don't have to deploy it on many VMs. In logstash input, LTTng logs and define a grok pattern to parse these logs.
Thank you Ahmed.
There are no logs, only in memory buffer or network stream and the data is encoded (CTF format).
The traces can be viewed using lttng trace view or babeltrace. But I am looking for a way to ingest the network stream to elastic and query (the decoded traces).
Regards,
Bhaskar
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.