'How To Use exclude_line in filebeat
172.11.11.11 - - [01/Dec/2020:05:49:54 +0000] "GET / HTTP/1.1" 200 1875 "-" "ELB-HealthChecker/2.0" "-"
am using filebeat in application server aws instance and elk in other instance.
am getting logs like these in message level, i want to exlude these lines.how to achieve this?
Solution 1:[1]
@Syam has already answered you correctly but after reading your requirement further, I suggest you use the filter section in logstash and apply this.
filter {
if [message] =~ 'info' or if [message] =~ 'INFO' or if [message] =~ 'Info' {
mutate {
replace => { "LOG-LEVEL" => "INFO" }
}
}
}
GOOD LUCK :)
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Ankit |