I have hard time to index the kernel panic logs by filebeat as below example.
- Do you have suggestion about the best option to index Linux kernel logs?
- I don't see an option to handle the multiline logs as the kernel panic log. Does anyone experience with this?
[12193263.407267] nr_pdflush_threads exported in /proc is scheduled for removal
[16890791.711563] INFO: task systemd-logind:19251 blocked for more than 120 seconds.
[16890791.719063] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[16890791.727165] systemd-logind D ffff8cff993e5140 0 19251 1 0x00000080
[16890791.727177] Call Trace:
[16890791.727195] [<ffffffff9cf67bc9>] ? schedule+0x29/0x70
[16890791.727206] [<ffffffff9cf67bc9>] schedule+0x29/0x70
[16890791.727215] [<ffffffff9cf694b5>] rwsem_down_write_failed+0x225/0x3a0
[16890791.727227] [<ffffffff9cb869d7>] call_rwsem_down_write_failed+0x17/0x30
[16890791.727234] [<ffffffff9cf66ecd>] down_write+0x2d/0x3d
[16890791.727245] [<ffffffff9c9c9039>] unregister_shrinker+0x19/0x40
[16890791.727254] [<ffffffff9ca442f1>] deactivate_locked_super+0x41/0x70
[16890791.727260] [<ffffffff9ca44a86>] deactivate_super+0x46/0x60
[16890791.727269] [<ffffffff9ca62fff>] cleanup_mnt+0x3f/0x80
[16890791.727276] [<ffffffff9ca63092>] __cleanup_mnt+0x12/0x20
[16890791.727287] [<ffffffff9c8be79b>] task_work_run+0xbb/0xe0
[16890791.727296] [<ffffffff9c82bc65>] do_notify_resume+0xa5/0xc0
[16890791.727307] [<ffffffff9cf75124>] int_signal+0x12/0x17
Thanks // Hugo