How to create the Multiple Index for each Apache Webserver

sanjeev1895 · May 15, 2023, 4:40pm

Hi,
I'm a new to ELK stack. Can anyone advice me for my below doubt.

For example, I have a two apache webserver and I installed filebeat on that and I enabled apache module. Also I configured apache.conf file in logstash. So for now my both apache server logs sent it to one common index that I specified in apache.conf file.

My requirement is how to create the one or more index and pass the apache server logs to particular index instead of common one.
apache server1 --> apache.conf (logstash/conf.d)
apache server1 --> apache1.conf (logstash/conf.d)

Can anyone please advise this.
Thanks

eMitch · May 16, 2023, 8:21pm

Hey @sanjeev1895 and welcome to the community!

You could use the server name from the event as it passes through Logstash as a variable in the Elasticsearch output similar to how it's shown in the docs. This would send each document as it came in from Filebeat to an index with that server name in it.

system · June 13, 2023, 10:21pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Separate ELK pattern for log files Elasticsearch	5	157	August 29, 2023
Issue with sending apache logs to elasticsearch with different indices Beats filebeat	1	399	July 5, 2023
How I can fetch the apache and node logs through filebeat Beats filebeat	8	445	September 30, 2020
Create Multiple Indexes from filebeat Logstash	3	1530	September 30, 2021
How to create multiple separate index using single conf file in logstash through filebeat? Logstash	2	186	July 13, 2023

How to create the Multiple Index for each Apache Webserver

Related topics