Why are the same logs ingested into multiple indices

Hi,

Recently we configured an ELK cluster, but when I started collecting logs through Logstash from three log sources (firewall, Cisco router and Windows server), I can see that the firewall logs are ingested into the Cisco router index and the Windows server index as well as the firewall index. The same thing has happened with the Cisco router and Windows server logs. So, could anyone please help me out of this situation?

Regards
Anirban

I would guess that you are using Logstash and have multiple configuration files. Be aware that Logstash by default merges all files into a single pipeline and that data from all inputs will go to all outputs unless you control the flow using conditionals or define separate pipelines in pipelines.yml.

Thanks a lot Christian, you are correct. Let me try defining different pipelines in the pipeline.yml file.

Thanks a lot Christian, you are correct. Let me try defining different pipelines.

Thanks, my issue has been resolved after making some modifications in the logstash.yml file, because it was ignoring the pipeline.yml file.
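A sketch of the separate-pipelines layout suggested in the reply above, added here as an example and not taken from any poster's configuration. The pipeline ids and file paths are hypothetical; `pipeline.id` and `path.config` are the standard pipelines.yml settings.

```yaml
# pipelines.yml (lives in the Logstash settings directory, next to logstash.yml)
# Added example: pipeline ids and config paths below are hypothetical.
# Each entry is an isolated pipeline, so events from its inputs reach only
# the outputs defined in its own config file.

- pipeline.id: firewall
  path.config: "/etc/logstash/conf.d/firewall.conf"

- pipeline.id: cisco-router
  path.config: "/etc/logstash/conf.d/cisco-router.conf"

- pipeline.id: windows-server
  path.config: "/etc/logstash/conf.d/windows-server.conf"

# Logstash reads this file only when no pipeline is specified elsewhere.
# Starting it with -e or -f, or setting path.config in logstash.yml,
# makes it ignore pipelines.yml and run everything as one merged pipeline,
# which sends every source's events to every index output again.
```

With this layout each source's config file holds its own input, filter and output sections, so no conditionals are needed to keep one source's events out of another source's index.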
