So I am trying to get multiline to work and am doing something stupid. Anyone see anything inherently wrong?
- type: log
paths:
- "/var/log/elasticsearch/elasticsearch.log"
tags: [ "elasticsearch" ]
multiline.pattern: '^[[:space:]]+(at|\.{3})\b|^Caused by:'
multiline.negate: false
multiline.match: afterWhen I got to Kibana and search, it is showing each line as a different item. This is whatever the standard log format for ES is
Could you provide an example log?
Also, have you tried using the elasticsearch module provided by Filebeat: https://www.elastic.co/guide/en/beats/filebeat/6.4/filebeat-module-elasticsearch.html?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.