I have a requirement to parse different type of log files (own Java application's log file) and catalina log files. Both of these have a different type of logging system, for which I have to use different type of multiline regex string.
I'm using filebeat on the client side to send these log files and I have setup a graylog filebeat-listener on the server side to receive these log files.
I have tested my filebeat configurations with several configuration files (trial and error editing of configurational parameters) but have not been able to figure out how to send these log files with a different multiline pattern and a different out put port (if possible).
These are the config files I used:
Gave me the specify-output-error , so next I tried with
this and it gave me "line 37: mapping values are not allowed in this context." error. Next I tried with
this , it gives me "line 31: found a tab character that violate indentation. Exiting." I've set the indentation as it is for the first prospectus. Yet, it gives me the errror . It works fine when I commented the whole of second prospectors.
Files from the first prospectors is being delivered as expected. But then my requirement is not fulfilled.
I would really be very greatful if somebdy could help me with this. I'm not so familiar with yaml or json.
Thanks in advance!