I'm using filebeat 7.15 with tomcat module to send logs to kibana. I'm trying to send exceptions as one message. My tomcat.yml configuration looks like this. -
new to filebeat and multiline.pattern configuration as a whole. I was reading up on multiline.pattern examples and came across this multiline.pattern examples.
I am new to the forum as well as elk stack. I tried setting up the elk stack using docker.I was successful and then I added filebeat to the compose file. Ever s
I have an application up and running in set of docker containers (deployed using docker stack and not kubernetes). I want to do performance monitoring for this
I am using filebeat, elasticsearch, kibana to ship and view logs on ec2. all the three services are working fine and I am able to see the logs on kibana. But w
I'm unable to receive data in the Kibana dashboard from the Filebeat agent. I'm using self-managed ELK with AWS EC2 server. Below is my filebeat.yml filebeat.in
I've been stuck in a problem for 3 days now..I am trying to alert on new IP address but the format of log file is not helping me so I've used a pipeline to par
I have an XML field in my logfile that filebeat is parsing. I want to keep the original full field, but decode the field part way down. eg: <myfield> &l
I have started logstash using following configurations: Inside logstash.yml: queue.type: persisted queue.max_bytes: 8gb queue.checkpoint.writes: 1 configura
I have a web server and I need to analyze the traffic and find potential anomalies in it. My first idea was to use filebeat to take the apache web access logs a
In one of our applications we parse the application logs using logstash and indexing them into elasticsearch. Our simple architecture is logfiles ---> filebe
i'm trying to install elk and filebeat on docker, well i uploaded the image of elk and it worked i can go to the kibana dashboard and view elastic ,... Now I wa