I have installed ELK on my Ubuntu server and install filebeat on remote server-A and server-B. I have configured Log-stash to receive data from filebeat and forward them to Elasticsearch. Both servers logs are showing in Kibana-->obeverability-->Logs.
The issue is both servers logs are got mixed and its hard to me find specific server log. If i add more than 3 or 4 server for logs monitoring so it would i be much hard to identify or search the specific server logs. Is there any way to configure each server log separately from each server in kibana so that i would be easy to find specific server log.
You should be able to filter the logs from one server or another using the host information by default which includes the ip. In case you need to add more information just configure for example the following fields:
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.