Winlogbeats path based on date

witkacy · April 15, 2021, 12:49am

Hello,

Is it possible put result logs to file/folder with name based on actual time?

So that for each day I would have separate folder with logs like

c:/tmp/20210415/logFile1...
c:/tmp/20210416/logFile1...
c:/tmp/20210417/logFile1...

winlogbeat.event_logs:
  - name: test
    ignore_older: 1h
    processors:
      - drop_fields:
            fields: ["host", "log", "event", "winlog"]
      - drop_event:
            when:
                not:
                    contains:
                        message: StatusCode=200 OK
      
setup.template.settings:

setup.kibana:

output.file:
  path: "C:/tmp/test_log_new" 
  filename: winlogbeat

mtojek · April 15, 2021, 8:35am

I'm afraid that you have to configure a custom logrotation mechanism, additionally to filebeat or simply push your data further to ES.

Topic		Replies	Views
Filebeat is reading my logs, but logs with date time on name, stop incremet Beats filebeat	7	5241	July 5, 2017
Filebeat Logging configuration - filename Beats filebeat	2	692	March 27, 2017
Winlogbeat to write output to a file Beats winlogbeat	3	474	June 30, 2020
Dynamic date log file input to Filebeat Beats filebeat	3	1796	July 29, 2019
Filebeat Logs rotating filename with data pattern Beats filebeat	3	292	April 14, 2021

Winlogbeats path based on date

Related topics