Log Filtering in ELK Stack

abhat · May 28, 2018, 10:29pm

Hi Team,

I am new to ELK stack and I just setup an ELK stack which collects logs from tomcat log directory.

My requirement is it should only capture SEVERE AND ERROR messages in the log files present in the log directory.

Any ideas how to achieve it ?

Kind Regards,
Asif Bhat

warkolm · May 28, 2018, 10:33pm

Use a conditional in Logstash with a drop filter and you should be good.

abhat · May 28, 2018, 10:39pm

Thanks a lot Mark.

Any general document link that can be helpful here.

warkolm · May 28, 2018, 10:54pm

abhat · May 28, 2018, 11:01pm

Fantastic!!! Thanks a lot.

Topic		Replies	Views
How to drop known errors in logstash Logstash	2	1245	September 12, 2018
How may I get only ERROR related logs from my stack trace? Logstash	5	1709	September 17, 2018
Using Logstash, not able to filter Error Level while indexing to elastic search Logstash	2	915	August 10, 2020
Logstash eventlog filter Logstash	26	6203	July 6, 2017
Using logstash, How to filter Errors only from logs? Logstash	10	15247	November 4, 2022