My problem is that Logstash is writing into the default index (format logstash-2017.02.15) and into my custom one. I just want it to write only into my "logstash-secure" index. How can I do?
Logstash sends events to logstash-2017.02.15 because you've told it to. I suspect you have more than one configuration file in /etc/logstash/conf.d. Remember that Logstash reads all files in that directory.
If I understand your answer, no matter in which file the configuration is written the ouputs sections are "merged"?
If it is the case, my question would become "how could I route two inputs into two different indices"?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.