Hi,
I am planning on using Filebeat for log rotation on a server. From my understanding, Filebeat tails the inode so log rotation shouldn't be an issue when it comes to reading new log data. However, I have a question regarding how information is indexed. If I would like a new index everyday in elasticsearch, how would I configure that information in Logstash? Would I have to specify a date within the index name?
The default value for the index option on an elasticsearch output is to create daily indexes.
Okay, so if I do not specify an index in logstash, it will automatically be configured to a daily index name?
Yes.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.