Send multiple log files to elastic via filebeat

sLuvpreet33 · April 21, 2017, 12:20pm

I want to send multiple log files from filebeat to elastic.

Like this,

filebeat.prospectors:

  - input_type: log
     paths:
       - /var/log/postgresql/postgresql-2017-04-21_120121.log
     document_type: postgresql
  - input_type: log
     paths:
       - /var/log/nginx/alpha-acccess.log
     document_type: nginx

In the output, I want to send to elasticseach,

output.elasticsearch:
  # Array of hosts to connect to.
   hosts: ["localhost:9200"]
   index: 'postgresql-log'
   versions.2x.enabled: false

I want to store the "postgresql" logs under the postgresql index, and the nginx log under the nginx index.

But here in the filebeat.yml , I can give only 1 name to the index, means these both will be stored under 1 index. How can I store these under different indices ?

I do not want to use logstash as that is too heavy and my system has trouble running logstash.

ruflin · April 24, 2017, 8:31am

The index name supports format strings. This should be helpful in your case: https://www.elastic.co/guide/en/beats/libbeat/current/config-file-format-type.html#_format_string_sprintf

system · May 12, 2017, 12:35pm

This topic was automatically closed after 21 days. New replies are no longer allowed.

Topic		Replies	Views
Filebeat sending two logs in nginx module Beats filebeat	2	280	September 1, 2021
Logstash multiple indices Logstash	1	269	December 20, 2019
Sending Nginx logs to elasticsearch using Filebeat Beats filebeat	1	1619	March 5, 2019
Multiple logs to different index - Filebeat Beats filebeat	3	1186	December 18, 2020
Distinguishing between log files when sending multiple log files from filebeat to logstash Logstash	18	3738	April 8, 2021

Send multiple log files to elastic via filebeat

Related topics