Hi
I have a doubt, I want to analyze some logs that are not formatted, plain text with timestamp and ip addresses, among many other data, I have used logstash to load the data to elastisearch, but I found that logstash consumes many resources, so I I would like to know if filebeat can be configured to collect log of specific folders and plain text.
Yes of course, you can forward to ES with filebeat and logfile path.
https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-configuration.html
You can also use processors to parse data but it's not as powerfull as logstash
https://www.elastic.co/guide/en/beats/filebeat/current/defining-processors.html
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.