Trying to use the pipelines in a beats config on logstash. The issue is its not seeing the pipeline so the data is going straight into the index unprocessed. I am sure something is wrong with the code that builds the pipeline name pipeline => "%{[@metadata ][pipeline]}" but I dont see any documentation on that. My pipelines are named
filebeat-7.7.0-iis-access-pipeline
Anyone have any suggestions on how I can find out what %{[@metadata ][pipeline]} is pointing too or know why it is not working?
input {
output {@metadata ][pipeline] {https://ipaddresshere:9200 "]@metadata ][beat]}-%{[@metadata ][version]}-%{+YYYY.ww}"@metadata ][pipeline]}"https://ipaddresshere:9200 "]@metadata ][beat]}-%{[@metadata ][version]}-%{+YYYY.ww}"
I figured out there was no pipeline parameter being passed. I assume you have to create your own. I did get this code to work with 7.7
input {https://ipaddresshere:9200 "]@metadata ][beat]}-%{[@metadata ][version]}-%{+YYYY.ww}"@metadata ][beat]}-%{[@metadata ][version]}-iis-access-pipeline"https://ipaddresshere:9200 "]@metadata ][beat]}-%{[@metadata ][version]}-%{+YYYY.ww}"@metadata ][beat]}-%{[@metadata ][version]}-iis-error-pipeline"https://10.29.144.38:9200 "]@metadata ][beat]}-%{[@metadata ][version]}-%{+YYYY.ww}"
system
July 20, 2020, 10:36am
3
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.