Multiple ElasticSearch Indexes in Logstash Output

Sameer_Panicker · April 2, 2016, 5:10am

if[type] == "IISLogs"
{
elasticsearch
{
index => "iislogs"
hosts => ["myserver:9200"]
}
}
else
{
elasticsearch
{
index => "filebeat-2016.03.27"
hosts => ["myserver:9200"]
}
}

Since, filebeat indexes are created daily i.e. filebeat-YYYY-mm-dd format. How can I specify the latest index of filebeat in above output configuration. If I specify filebeat-2016.03.27, it works fine. But I want something generic.

How can I achieve that ?

magnusbaeck · April 2, 2016, 2:50pm

See the documentation of the elasticsearch output's index option and its default value. See also the sprintf format documentation.

Topic		Replies	Views
Multiple index in elasticsearch from filebeat Beats filebeat	4	3207	August 4, 2017
How to create multi indices with multi logs from filebeat? Beats filebeat	3	937	June 28, 2018
Logstash output from filebeat. What is 'index' configuration option? Beats filebeat	2	408	January 16, 2020
Logstash Conditional Indexes Logstash	5	4334	March 29, 2019
3 diferent index? Elasticsearch	2	349	July 5, 2019

Multiple ElasticSearch Indexes in Logstash Output

Related topics