My goal is to make process log for any running process in ELK stack. Initially processes can be logged from Logstash pipelines and different Java processes.
Sample index in elastic for process logs could be something like this:
StartTime | EndTime | ProcessName | Outcome
Question: As logstash pipelines are adding each "event" in defined output index, such as
output {
elasticsearch {
index => "my-index"
hosts => "localhost:8080"
}
}
is there actually possibility to create Started log before pipeline starts and ended after pipeline ends/fails?