Hello,
I installed the Elastic Agent on a Windows machine using the integration packages. Currently, logs are being sent to the default apm--transaction,auditbeat-,endgame-,filebeat-,logs-,packetbeat-,traces-apm,winlogbeat-*,-elastic-cloud-logs-
I would like the logs from Windows machines to be sent to a separate, dedicated index.
How achieve this?
Thank you
Are you talking about the data stream where the data is stored or the Data View in Kibana where you can select which data view you want to see?
The Data stream you cannot change, the data view you can create multiple data views pointing to differetn data streams to help you filter the data you want to see.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.