I am sending these logs to logstash. But here both application, system logs are going to one index. But I want send to two indexes.
This is logstash pipeline.
input {
beats {
port => 5044
ssl => false
}
}
output {
elasticsearch {
hosts => "http://localhost:9200"
user => elastic
password => wU8WRmKo1pPI0CqS193d
index => "odooserverlog"
}
}
Please help me on this...
You will need to use a conditional in the output and split them based on the source Beat.
Are you using ILM here, or is this just a single index?
If it's a single index, that is not an ideal approach as you will have to delete old data from within the index, which is inefficient.
Yes I want to use condition in the output. Can you please suggest the logstash pipeline file.
My requirement is application logs sent to odooserverlog index
filebeat system module logs has sent to another index
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.