HI,
I am collecting files with Logstash and sending them to an Elasticsearch database.
But I'm running into the problem that I can't pick up the date that file was created or last modified. I'm working on Linux, and what I need is to know how to extract this field and send it to elastic.
I have tried all sorts of filters in ruby but end up seeing "%{data}" and not the output. There is a way to get this correctly?
Hello @AlejandroVindel,
Welcome to the community!
Check if this config makes sense for your use case.
Hope it helps!
Are you reading files by FB or LS?
If this doesn't help what Priscilla suggest, can you provide a sample, what you want?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.