I understand file beat is an aggregated tail -f command. But does it allow us to transform log-lines to a format whereby we can run searches (or queries) on elasticsearch (or kibana)?
Can file beat do such transformations? Or are these done elsewhere?
Please take a look at filebeat documentation. You can use processors to transform flowing data.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.