filebeat logs:
2022-11-02T18:11:20.778+0530 DEBUG [publisher] memqueue/ackloop.go:131 ackloop: done send ack
2022-11-02T18:11:20.778+0530 DEBUG [registrar] registrar/registrar.go:263 Processing 1 events
2022-11-02T18:11:20.778+0530 DEBUG [registrar] registrar/registrar.go:230 Registrar state updates processed. Count: 1
2022-11-02T18:11:20.778+0530 DEBUG [registrar] registrar/registrar.go:205 Registry file updated. 1 active states.
2022-11-02T18:11:21.680+0530 DEBUG [input.harvester] log/log.go:111 End of file reached: D:\learning\elk\logstash\testing-logs\testing.log; Backoff now. {"input_id": "e0e2c2f7-b43c-44cd-8f0a-7cb304fa4ef0", "source": "D:\\learning\\elk\\logstash\\testing-logs\\testing.log", "state_id": "native::15794176-72360-1552814282", "finished": false, "os_id": "15794176-72360-1552814282", "old_source": "D:\\learning\\elk\\logstash\\testing-logs\\testing.log", "old_finished": true, "old_os_id": "15794176-72360-1552814282", "harvester_id": "cd6ce31d-ba14-4195-bb57-24d168a9fe33"}
2022-11-02T18:11:23.673+0530 DEBUG [reader_multiline] multiline/pattern.go:170 Multiline event flushed because timeout reached.
2022-11-02T18:11:23.674+0530 DEBUG [processors] processing/processors.go:203 Publish event: {
  "@timestamp": "2022-11-02T12:41:18.662Z",
  "@metadata": {
    "beat": "filebeat",
    "type": "_doc",
    "version": "7.17.4"
  },
  "agent": {
    "version": "7.17.4",
    "hostname": "LAPTOP-8PTLOPM4",
    "ephemeral_id": "eea55b0f-7365-449d-8ec0-3904fe8e8384",
    "id": "8b10940d-cbf7-427d-b4a1-b5cfd8c6823d",
    "name": "LAPTOP-8PTLOPM4",
    "type": "filebeat"
  },
  "log": {
    "offset": 864,
    "file": {
      "path": "D:\\learning\\elk\\logstash\\testing-logs\\testing.log"
    },
    "flags": [
      "multiline"
    ]
  },
  "message": "2022-09-13 00:11:53,547 ERROR ",
  "tags": [
    "test"
  ],
  "input": {
    "type": "log"
  },
  "fields": {
    "version": "iis_v1",
    "app_id": "MyBell",
    "env": "iis"
  },
  "ecs": {
    "version": "1.12.0"
  },
  "host": {
    "name": "LAPTOP-8PTLOPM4"
  }
}
2022-11-02T18:11:24.683+0530 DEBUG [logstash] logstash/async.go:172 1 events out of 1 events sent to logstash host 127.0.0.1:5044. Continue sending
filebeat.yml:
filebeat.inputs:
- type: log
  #id: my-filestream-id
  enabled: true
  paths:
    - D:\learning\elk\logstash\testing-logs\testing.log
  tags: ["test"]
  multiline.pattern: '^[0-9]{4}-'
  multiline.negate: true
  multiline.match: after