Hi,
I am using ELK GA 6.3.0. I am using Filebeat to read log files from multiple servers and publish them to my Kafka cluster. My log folders already has really huge log files which collectively contains trillions of log entries. There is no issues with Filebeat publishing them to my Kafka topic, but I am facing some difficulties elsewhere. I would like to know if it is possible to parse only new files using filebeat? I mean, Filebeat may publish log entries, which comes after Filebeat start. Is this possible?
Thank you.