I have the following configuration file
filebeat.config.prospectors: path: /etc/filebeat/conf.d/*.yml output.logstash: hosts: ["host"]
In each yml file in the folder
/etc/filebeat/conf.d/ I have the following:
- type: log enabled: true paths: - /var/log/log-file-a.log fields: ... - type: log enabled: true paths: - /var/log/log-file-b.log fields: ... - type: log enabled: true paths: - /var/log/log-file-c.log fields: ...
Each file is for different domain. If I want to turn off the monitoring for certain log files of domain or for the whole domain, I set the
enabled option to false.
Despite when I set the enabled to false, it still monitors the log files, and sends them to the logstash server. What am I doing wrong?