Tag Archives: filebeat

filebeat custom index name

Leave a reply


filebeat output to elasticsearch indices
filebeat separate index
filebeat log different index

filebeat.inputs:

- type: log
enabled: true
paths:
- /var/log/some/path/*.log
fields:
type: "query"

- type: log
enabled: true
paths:
- /var/log/another.path/*.log
fields:
type: "error"

filebeat.config.modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: false
setup.template.settings:
index.number_of_shards: 3

setup.kibana:
output.elasticsearch:
hosts: ["192.168.1.100:9200"]
index: "newindex-%{[fields.type]:other}-%{+yyyy.MM.dd}"

setup.template.name: "newindex"
setup.template.pattern: "newindex-*"