filebeat采集log日志,并自定义索引
filebeat配置:
filebeat.inputs: # Each - is an input. Most options can be set at the input level, so # you can use different inputs for various configurations. # Below are the input specific configurations. # filestream is an input for collecting log messages from files. - type: log # Change to true to enable this input configuration. enabled: true # Paths that should be crawled and fetched. Glob based paths. paths: - /home/elk/logs/info.log fields: source: info - type: log enabled: true paths: - /home/elk/logs/error.log fields: source: error
自定义模板设置
setup.template.enabled: false setup.template.name: "spring" setup.template.pattern: "spring-*" setup.template.overwrite: true setup.ilm.enabled: false
自定义索引配置:
output.elasticsearch: # Array of hosts to connect to. hosts: ["192.168.108.200:9200"] index: "spring-%{[fields.source]}-*" indices: - index: "spring-info-%{+yyyyMMdd}" when.equals: fields: source: "info" - index: "spring-error-%{+yyyyMMdd}" when.equals: fields: source: "error"
输出到ES效果:
如果各索引显示yellow,则设置:
PUT _settings { "index":{ "number_of_replicas":0 } }
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 无需6万激活码!GitHub神秘组织3小时极速复刻Manus,手把手教你使用OpenManus搭建本
· C#/.NET/.NET Core优秀项目和框架2025年2月简报
· Manus爆火,是硬核还是营销?
· 终于写完轮子一部分:tcp代理 了,记录一下
· 【杭电多校比赛记录】2025“钉耙编程”中国大学生算法设计春季联赛(1)