Hello everyone,
I would like creating 2 separate indices to receive logs from 2 linux servers through nput beat port 5044 . My logstash config file is :
input {
beats{
port => 5044
}
}
output {
if [beat.name] == "tsttlnoss0001"{
elasticsearch {
hosts => [ "localhost:9200" ]
index => "filebeats"
}
}
else if [beat.name] == "stgtlnoss0008"{
elasticsearch {
hosts => [ "localhost:9200" ]
index => "node08"
}
}
}
If I do not use the condition, I can get the log from 2 servers but the same indices , it's hard for me to monitoring the log. So could you please help to create the logstash file corresponding the request above (2 indices for 2 linux servers )