Multi output for multi prospectors

YLombardi · December 2, 2016, 1:44pm

I use ELK 5.0.1 + Filebeat 5.0.1.

On my server I have 2 kind of prospectors :

json logs
text logs

Currently, I configure Filebeat to send the json logs directly to elasticsearch.
This works fine.

Now I want to send the text logs to logstash to parse them with a grok filter.

In the Filebeat configuration, I don't find how to use 2 output for this 2 prospectors.

Is it possible ?
How can I do this ?

andrewkroh · December 2, 2016, 3:36pm

It is not possible to route the events to different outputs. All events go to all outputs. So you can send it all to Logstash and then route the events from there.

Topic		Replies	Views
Output different prospectors' logs to different Elasticsearch indices? Beats filebeat	2	1020	July 5, 2017
Elastic output for modules and logstash output for prospectors? Beats filebeat	5	385	August 8, 2018
Output data to different sources using filebeat Beats filebeat	3	342	July 8, 2018
Send beats from different prospectors to different outputs? Beats	2	671	November 23, 2016
Multiple elasticsearch output configuration Beats filebeat	2	1477	August 7, 2016

Multi output for multi prospectors

Related topics