Hi,
I have a directory where files are being written really quick. Is there a way i can access the newly written file to that directory and then pass the information to elasticsearch.
These files are my system logs files and there are number of files that gets generated based on timestamp. so i want to read the newly created file extract the data out of it and send the data to elasticsearch database.
I suggest you try filebeat with a low value (1s) for the scan_frequency parameter.
It is important that you familiarise yourself with the settings for filebeat so you can tune it for your use case. Specially the close_* and clean_* parameters.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.