DravenJohnson · August 2, 2017 19:47
diff --git a/filebeat.yml b/filebeat.yml
 filebeat:
  prospectors:
    -
      paths:
        - /var/log/program/program.log*
      input_type: log
      exclude_lines: ["\"msg\":\"[a-z_]+\""]
      include_lines: ["\"event\":\"[a-z_]+\""]
      exclude_files: [".gz$"]
      document_type: event_logs
      fields:
        record_type: "server_logs"
      fields_under_root: true
      scan_frequency: 10s
      tail_files: false

  # Event count spool threshold - forces network flush if exceeded
  spool_size: 2048
  # Defines how often the spooler is flushed, regardless of spool size
  idle_timeout: 5s
  # Name of the registry file that tracks sent log lines
  registry_file: /var/lib/filebeat/registry

 output:
  logstash:
    hosts: ["logs.example.com:5044"]
    max_retries: -1
    tls:
      insecure: false

 logging:
  # Send all logging output to syslog. On Windows default is false, otherwise true
  #to_syslog: true

  # Write all logging output to files
  #to_files: false

  # To enable logging to files, to_files option has to be set to true
  files:
    # The directory where the log files will written to.
    #path: /var/log/mybeat

    # The name of the files where the logs are written to.
    #name: mybeat

    # Configure log file size limit. If limit is reached, log file will be
    # automatically rotated
    rotateeverybytes: 10485760 # = 10MB

    # Number of rotated log files to keep. Oldest files will be deleted first.
    #keepfiles: 7

  # Enable debug output for selected components. To enable all selectors use ["*"]
  # Other available selectors are beat, publish, service
  # Multiple selectors can be chained.
  #selectors: [ ]

  # Available log levels (default error): critical, error, warning, info, debug
  #level: error
	filebeat:
	prospectors:
	-
	paths:
	- /var/log/program/program.log*
	input_type: log
	exclude_lines: ["\"msg\":\"[a-z_]+\""]
	include_lines: ["\"event\":\"[a-z_]+\""]
	exclude_files: [".gz$"]
	document_type: event_logs
	fields:
	record_type: "server_logs"
	fields_under_root: true
	scan_frequency: 10s
	tail_files: false

	# Event count spool threshold - forces network flush if exceeded
	spool_size: 2048
	# Defines how often the spooler is flushed, regardless of spool size
	idle_timeout: 5s
	# Name of the registry file that tracks sent log lines
	registry_file: /var/lib/filebeat/registry

	output:
	logstash:
	hosts: ["logs.example.com:5044"]
	max_retries: -1
	tls:
	insecure: false

	logging:
	# Send all logging output to syslog. On Windows default is false, otherwise true
	#to_syslog: true

	# Write all logging output to files
	#to_files: false

	# To enable logging to files, to_files option has to be set to true
	files:
	# The directory where the log files will written to.
	#path: /var/log/mybeat

	# The name of the files where the logs are written to.
	#name: mybeat

	# Configure log file size limit. If limit is reached, log file will be
	# automatically rotated
	rotateeverybytes: 10485760 # = 10MB

	# Number of rotated log files to keep. Oldest files will be deleted first.
	#keepfiles: 7

	# Enable debug output for selected components. To enable all selectors use ["*"]
	# Other available selectors are beat, publish, service
	# Multiple selectors can be chained.
	#selectors: [ ]

	# Available log levels (default error): critical, error, warning, info, debug
	#level: error
No results found