elasticsearch Filebeat没有将日志发送到日志库,elasticsearch,kibana,logstash-configuration,filebeat,elasticsearch,Kibana,Logstash Configuration,Filebeat" /> elasticsearch Filebeat没有将日志发送到日志库,elasticsearch,kibana,logstash-configuration,filebeat,elasticsearch,Kibana,Logstash Configuration,Filebeat" />
Fatal编程技术网
  • elasticsearch/
  • elasticsearch Filebeat没有将日志发送到日志库

elasticsearch Filebeat没有将日志发送到日志库

kibana

elasticsearch Filebeat没有将日志发送到日志库,elasticsearch,kibana,logstash-configuration,filebeat,elasticsearch,Kibana,Logstash Configuration,Filebeat,我正在使用filebeat和ELK stack。我没有从filebeat到logstach获取日志。有人能帮忙吗 Filebeaat版本:6.3.0 麋鹿版本:6.0.0 文件节拍配置:-- filebeat.prospectors: - type: log enabled: true paths: - '/var/lib/docker/containers/*/*.log' ignore_older: 0 scan_frequency: 10s json.messa

我正在使用filebeat和ELK stack。我没有从filebeat到logstach获取日志。有人能帮忙吗

Filebeaat版本:6.3.0 麋鹿版本:6.0.0

文件节拍配置:-- filebeat.prospectors:

- type: log
  enabled: true
  paths:
    - '/var/lib/docker/containers/*/*.log'
  ignore_older: 0
  scan_frequency: 10s
  json.message_key: log
  json.keys_under_root: true
  json.add_error_key: true
  multiline.pattern: "^[[:space:]]+(at|\\.{3})\\b|^Caused by:"
  multiline.negate: false
  multiline.match: after
  registry_file: usr/share/filebeat/data/registry
output.logstash: 主持人:[“172.31.34.173:5044”]

Filebeat日志:--

我知道回复有点晚,但我遇到了同样的问题,经过一些搜索,我发现这个布局适合我

filebeat.prospectors:
- paths:
    - '<path to your log>'
  multiline.pattern: '<whatever pattern is needed>'
  multiline.negate: true
  multiline.match:  after
  processors:
  - decode_json_fields:
      fields: ['<whatever field you need to decode']
      target: json

filebeat.prospectors:
-路径:
- ''
多行模式:“”
多行。否定:真
multiline.match:之后
处理器:
-解码\u json\u字段:
字段:['

filebeat.prospectors:
- paths:
    - '<path to your log>'
  multiline.pattern: '<whatever pattern is needed>'
  multiline.negate: true
  multiline.match:  after
  processors:
  - decode_json_fields:
      fields: ['<whatever field you need to decode']
      target: json