filebeat.prospectors: # Each - is a prospector. Most options can be set at the prospector level, so # you can use different prospectors for various configurations. # Below are the prospector specific configurations. - input_type: log # Paths that should be crawled and fetched. Glob based paths. paths: - c:SkieerOctopusClientAPI*Logserror*.json - c:SkieerOctopusClientAPI*Logs race*.trace.json #tags: ["json"] encoding: plain json.keys_under_root: true json.overwrite_keys: true document_type: v7
配置filebeat从多个路径推送文件。
配置filebeat推送到elasticsearch多个index:
output.elasticsearch: # Array of hosts to connect to. hosts: ["xx.xxx.xxx.xxx:9200"] indices: - index: "bzy_api7_trace-%{[beat.version]}-%{+yyyy.MM.dd}" when.contains: source: "trace" - index: "bzy_client7-%{+yyyy.MM}" when.contains: source: "error"
使用when.contains来过滤,source即文件名包含trace推送到bzy_api7_trace,包含error推送到bzy_client7