Is there any way to break single line logs into multi line logs using filebeat?
No, not with Filebeat, but should be possible with Logstash.
2AUK20170407000006002840700014DeitzpiascECCSERVICE1 SAPMSSY1 3001ZRFC_ICICI&&ZRFC_ICICI itzpiascs 2AUK20170407000006002840700014DeitzpiascECCSERVICE1 SAPMSSY1 3001SYSU&&SYSTEM_RESET_RFC_SERVER itzpiascs 2AUK20170407000007002840700014DeitzpiascECCSERVICE1 SAPMSSY1 3001ZRFC_ICICI&&ZRFC_ICICI itzpiascs 2AUK2017040700000002840700014DeitzpiascECCSERVICE1 SAPMSSY1 3001SYSU&&SYSTEM_RESET_RFC_SERVER itzpiascs
This is a log sample, there are 4 logs each log start with 2AU,log file contains millions of logs.The question is how to break the logs and remove the extra white spaces and forward to elasticsearch using logstash?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.