In Logstash, I am trying to pull all of the logs in Elasticsearch into Logstash and then forward them to a third party. What is the correct configuration for the index query?
# Logstash configuration for a simple
# Elasticsearch -> Logstash -> TCP (third party) pipeline.
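input {
  # Pulls documents out of Elasticsearch on a cron schedule so the output
  # section can forward them.
  elasticsearch {
    hosts => "localhost:9200"
    ssl_enabled => true
    # NOTE(security): "none" disables certificate validation, so the API key
    # below is presented to a peer whose identity is never checked. Prefer
    # "full" together with ssl_certificate_authorities pointing at the
    # cluster's CA certificate.
    ssl_verification_mode => none
    # NOTE(security): avoid keeping a literal key in the pipeline file; it can
    # be referenced from the Logstash keystore or the environment instead,
    # e.g. "${ES_API_KEY}" (example variable name).
    api_key => "XXxxXXxxXX"
    # `index` is a single string, not an array. Several indices are given as
    # one comma-separated string (wildcards such as "logs-*" also work).
    index => "logs-cisco_ios.log-default,logs-windows.powershell-default"
    # Match-all query. Every scheduled run executes it again from scratch, so
    # as written the same documents are re-read (and re-sent) each minute;
    # consider a range filter on the timestamp field to fetch only new events.
    query => '{ "query": { "query_string": { "query": "*" } } }'
    # Maximum number of hits returned per scroll page, not a cap on the total.
    size => 10
    # Cron expression: run the query once every minute.
    schedule => "*/1 * * * *"
    # How long Elasticsearch keeps the scroll context alive between pages.
    scroll => "1m"
    # Copy document metadata into the event under docinfo_target; @metadata
    # fields are not emitted by outputs unless referenced explicitly.
    docinfo => true
    docinfo_target => "[@metadata][doc]"
  }
}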
output {
  # Ships each event to the third-party receiver as newline-delimited JSON.
  tcp {
    codec => json_lines
    host => "A.B.C.D"
    port => XYZ
    # NOTE(review): no TLS options are set here, so events (network device
    # and PowerShell logs) leave this host in clear text. If the receiver
    # supports TLS, the tcp output's ssl_enabled and
    # ssl_certificate_authorities settings cover this; confirm with the
    # third party.
  }
}