i'm trying to take log from linux machine with oracle database installed. Based on the below configuration the filebeat doesn't pull any info to elastic search.
filebeat.inputs:
- type: log
enabled: true
paths:
- /u01/app/oracle/diag/rdbms/trace/alert_oracle*.log
fields:
log-type: "oracledb"
log-subtype: "alertlog"
customer: "default"
n4-type: "dbalert"
multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2}'
multiline.negate: true
multiline.match: after
ignore_older: 168h
close_inactive: 24h
output.logstash:
hosts: ["logstash host server":5044"]
loadbalance: true
can anyone advice how the filebeat yml file need to be configured for linux?