반응형
Reference
https://www.elastic.co/guide/en/beats/filebeat/current/multiline-examples.html
Manage multiline messages | Filebeat Reference [8.2] | Elastic
This example will not work correctly if start/end log blocks are mixed with non-multiline logs, or if different start/end log blocks overlap with each other. For instance, Some other log log lines in the following example will be merged into a single multi
www.elastic.co
Configuration
- open the filebeat's configmap manifest > add the "multiline" script at the filebeat.inputs.
Check the result
- Before configuring the multiline, despite of the messages generated at the same times, each messages are shown at the seperated lines.
- After configuring the multiline in the filebeat's configmap, the error messages are shown at the same message colume.
반응형
'모니터링 > elastic' 카테고리의 다른 글
| filebeat - elasticsearch communication error (0) | 2022.05.04 |
|---|