I was able to get log data into ELK stack using filebeat --> elastic as well as filebeat --> logstash --> elastic without any issue. I am using elastic version 7.6.

Additionally, I was able to split the log message into its respective fields using the pattern below in logstash:

    filter {
      grok {
        match => { "message" => "%{TIMESTAMP_ISO8601:timestamp}\s+%{NOTSPACE:username}\s+%{NOTSPACE:pipelinename}*" }
      }
    }

Sample output in Kibana:

    pipelinename : [pipeline:Send_KAFKA/SendKAFKAa23341da-9cf3-4e2e-b155-6dab74c2c1f0]
    timestamp: 2020-05-09 03:53:53,971
    username: [user:*user1]
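
Added example, not part of the original post: a Python emulation of the grok match above, run on input lines constructed from the sample output, showing which fields are extracted and when an event would be tagged `_grokparsefailure`. The regex stand-ins for TIMESTAMP_ISO8601 and NOTSPACE are simplified assumptions, and `grok_to_regex` and `parse` are hypothetical helper names.

```python
import re

# Simplified stand-ins for the grok patterns used in the post (assumption:
# the real TIMESTAMP_ISO8601 accepts more variants, e.g. time zones).
GROK = {
    "TIMESTAMP_ISO8601": r"\d{4}-\d{2}-\d{2}[T ]\d{2}:\d{2}:\d{2}(?:[.,]\d+)?",
    "NOTSPACE": r"\S+",
}

def grok_to_regex(pattern):
    """Expand %{NAME:field} references into named capture groups."""
    def expand(m):
        return "(?P<%s>%s)" % (m.group(2), GROK[m.group(1)])
    return re.compile(re.sub(r"%\{(\w+):(\w+)\}", expand, pattern))

# The match expression from the post, including its trailing '*'.
POST_PATTERN = (r"%{TIMESTAMP_ISO8601:timestamp}\s+%{NOTSPACE:username}"
                r"\s+%{NOTSPACE:pipelinename}*")

def parse(message, regex=grok_to_regex(POST_PATTERN)):
    """Return an event dict; failed matches get the tag grok adds."""
    event = {"message": message}
    m = regex.search(message)
    if m is None:
        event["tags"] = ["_grokparsefailure"]
        return event
    # Like grok's default behaviour, drop captures that did not participate.
    event.update({k: v for k, v in m.groupdict().items() if v is not None})
    return event

# Constructed input lines, built from the field values in the sample output.
SAMPLE = ("2020-05-09 03:53:53,971 [user:*user1] "
          "[pipeline:Send_KAFKA/SendKAFKAa23341da-9cf3-4e2e-b155-6dab74c2c1f0]")
NO_PIPELINE = "2020-05-09 03:53:53,971 [user:*user1] "   # '*' makes the field optional
NOT_A_LOG = "java.lang.IllegalStateException: stack trace line"

if __name__ == "__main__":
    for line in (SAMPLE, NO_PIPELINE, NOT_A_LOG):
        print(parse(line))
```

Because NOTSPACE captures the whole token, the square brackets and the `user:` / `pipeline:` prefixes remain part of the field values, as in the Kibana output above.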