Well, this is not actually an issue, rather a query. I have been playing with the ELK stack for a few days. I have a working ELK stack running on Ubuntu 16.04. Kibana has Marvel and Sense installed and working. I can ship Beats, Syslog, Apache logs and Windows events (via Winlogbeat) to my ELK stack. So far, so good. Now, I want to ship mail logs (postfix logs) to my ELK stack. Is there any way to do that?
Thanks for your reply. I was actually following this article. Not working for me. Don't know why. I don't know how to use grokdebug. And I also don't know how to write a grok file.
This is more of a logstash question than ES. You will need to adapt the grok patterns I used to your postfix log format. For more information about what grok patterns and filters are, start here:
If you run into problems, please post more details, such as what you tried, what did not work, errors that you got, etc. The more details the better, to give us context and so we are better able to help you.
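A starting point for the kind of postfix grok filter discussed above, as an added example that is not part of the thread or of the article it mentions. It assumes the traditional syslog line format and short hexadecimal queue IDs; the `postfix_*` field names, the failure tag and the sample line are constructed for illustration.

```logstash
# Added example. Constructed sample line this filter is written for:
#   Jan 12 10:15:01 mail01 postfix/smtp[2345]: 4F1A2C0B3D: to=<user@example.org>, relay=mx.example.org[192.0.2.10]:25, delay=1.2, dsn=2.0.0, status=sent (250 2.0.0 Ok)
filter {
  # Stage 1: separate the syslog envelope (time, host, program, pid)
  # from the postfix message body.
  grok {
    match => {
      "message" => "^%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_host} postfix/%{DATA:postfix_component}\[%{POSINT:postfix_pid}\]: %{GREEDYDATA:postfix_message}$"
    }
    # A distinct tag makes non-matching lines easy to find in Kibana
    # instead of silently losing them among other grok failures.
    tag_on_failure => ["_grokparsefailure_postfix_envelope"]
  }

  # Stage 2: only lines that begin with a queue ID carry delivery details.
  # Lines such as "connect from ..." skip this branch and keep
  # postfix_message as plain text.
  if [postfix_message] =~ /^[0-9A-F]{6,}: / {
    grok {
      match => {
        "postfix_message" => "^(?<postfix_queue_id>[0-9A-F]{6,}): %{GREEDYDATA:postfix_keyvalues}$"
      }
    }
    # Turn "to=..., relay=..., status=..." into postfix_to, postfix_relay,
    # postfix_status, and so on. Tokens without "=" are ignored.
    kv {
      source      => "postfix_keyvalues"
      field_split => ", "
      value_split => "="
      prefix      => "postfix_"
    }
  }

  # Use the time from the log line as @timestamp. Syslog pads
  # single-digit days with a space, hence the two formats.
  date {
    match => [ "syslog_timestamp", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss" ]
  }
}
```

Paste a real line from your own mail log and the stage 1 pattern into a grok debugger first; once the envelope matches, add stage 2 and check which events still carry the failure tag.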