filebeat output to elasticsearch indices
filebeat separate index
filebeat log different index
filebeat.inputs:
- type: log
enabled: true
paths:
- /var/log/some/path/*.log
fields:
type: "query"
- type: log
enabled: true
paths:
- /var/log/another.path/*.log
fields:
type: "error"
filebeat.config.modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: false
setup.template.settings:
index.number_of_shards: 3
setup.kibana:
output.elasticsearch:
hosts: ["192.168.1.100:9200"]
index: "newindex-%{[fields.type]:other}-%{+yyyy.MM.dd}"
setup.template.name: "newindex"
setup.template.pattern: "newindex-*"