| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121 |
- ###################### Filebeat Configuration Example #########################
- # This file is an example configuration file highlighting only the most common
- # options. The filebeat.full.yml file from the same directory contains all the
- # supported options with more comments. You can use it as a reference.
- #
- # You can find the full configuration reference here:
- # https://www.elastic.co/guide/en/beats/filebeat/index.html
- #=========================== Filebeat prospectors =============================
- filebeat.prospectors:
- # Each - is a prospector. Most options can be set at the prospector level, so
- # you can use different prospectors for various configurations.
- # Below are the prospector specific configurations.
- - input_type: log
- # Paths that should be crawled and fetched. Glob based paths.
- paths:
- - "/root/nginx/*.log"
- #- "/root/docker/*/*.log"
- #- "/root/php7/*.log"
- #- c:\programdata\elasticsearch\logs\*
- encoding: utf-8
- # Exclude lines. A list of regular expressions to match. It drops the lines that are
- # matching any regular expression from the list.
- #exclude_lines: ["^DBG"]
- # Include lines. A list of regular expressions to match. It exports the lines that are
- # matching any regular expression from the list.
- #include_lines: ["^ERR", "^WARN"]
- # Exclude files. A list of regular expressions to match. Filebeat drops the files that
- # are matching any regular expression from the list. By default, no files are dropped.
- #exclude_files: [".gz$"]
- # Optional additional fields. These field can be freely picked
- # to add additional information to the crawled log files for filtering
- #fields:
- # level: debug
- # review: 1
- close_older: 24h
- ### Multiline options
- # Mutiline can be used for log messages spanning multiple lines. This is common
- # for Java Stack Traces or C-Line Continuation
- # The regexp Pattern that has to be matched. The example pattern matches all lines starting with [
- #multiline.pattern: ^\[
- # Defines if the pattern set under pattern should be negated or not. Default is false.
- #multiline.negate: false
- # Match can be set to "after" or "before". It is used to define if lines should be append to a pattern
- # that was (not) matched before or after or as long as a pattern is not matched based on negate.
- # Note: After is the equivalent to previous and before is the equivalent to to next in Logstash
- #multiline.match: after
- #================================ General =====================================
- # The name of the shipper that publishes the network data. It can be used to group
- # all the transactions sent by a single shipper in the web interface.
- #name:
- # The tags of the shipper are included in their own field with each
- # transaction published.
- #tags: ["service-X", "web-tier"]
- # Optional fields that you can specify to add additional information to the
- # output.
- #fields:
- # env: staging
- #================================ Outputs =====================================
- # Configure what outputs to use when sending the data collected by the beat.
- # Multiple outputs may be used.
- #-------------------------- Elasticsearch output ------------------------------
- output.elasticsearch:
- # Array of hosts to connect to.
- hosts: ["elk-es:9200"]
- # Optional protocol and basic auth credentials.
- #protocol: "https"
- username: "elastic"
- password: "changeme"
- #index: "nginx-%{+yyyy.MM.dd}"
- #curl -XPUT 'http://elk-ek:9200/_ingest/pipeline/nginx-pipeline' -d@/work/pipeline.json
- #pipeline: "nginx-pipeline"
- #----------------------------- Logstash output --------------------------------
- #output.logstash:
- # The Logstash hosts
- #hosts: ["elk-logstash:5044"]
- # Optional SSL. By default is off.
- # List of root certificates for HTTPS server verifications
- #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]
- # Certificate for SSL client authentication
- #ssl.certificate: "/etc/pki/client/cert.pem"
- # Client Certificate Key
- #ssl.key: "/etc/pki/client/cert.key"
- #================================ Logging =====================================
- # Sets log level. The default log level is info.
- # Available log levels are: critical, error, warning, info, debug
- #logging.level: debug
- # At debug level, you can selectively enable logging only for some components.
- # To enable all selectors use ["*"]. Examples of other selectors are "beat",
- # "publish", "service".
- #logging.selectors: ["*"]
|
