Hi
I'm using filebeat 7.1.0 - PostgreSQL module to send logs from the DB to Elasticsearch, from the logs I want to extract event.duration and log.postgresql.query but filebeat only send this information in some logs and in otherlogs are missing; I don't know if someone had this issue in the past and know how to solve it.
Thanks.
Regards.
Hi, Luis Zabala!
Filebeat and module - it regexp rules for parsing logs... so some logs have different format - and in this case filebeat-module cant extract event.duration and log.postgresql.query.
So - check problem logs format - and check module regexp - for find answer - why field missing.
Agreed!
If you find a log message that is not being correctly processed, please report it so we can update the patterns to support it.
Best regards
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.