0

我是 logstash 和 kibana 的新用户我尝试在 kibana 中查看我的日志,这取决于那里的文件夹我运行 logstash 服务包含我的管道,如下所示

input {
 file {
  { type => "STAGE-LOG-ADMIN"
    path => "C:\Users\elkstask-master\stage-logs\admin/*.log"},
 tags => ["ADMIN"] }
 file {
  { type => "STAGE-LOG-MS02" 
    path => "C:\Users\elkstask-master\stage-logs\ms02/*.log"},
 tags => ["MS02"] }
 file {
  { type => "custom" 
    path => "C:\Users\elkstask-master/*.log"}, 
 tags => ["custom"]
 }
}

output {
 if "ADMIN" in [tags] {
   elasticsearch {
         hosts => "localhost:9200"
         index => "ADMIN"
         document_type => "ADMIN-%{+YYYY.MM.dd}"
        }
    } 
    if "MS02" in [tags] {
        elasticsearch {
            hosts => "localhost:9200"
            index => "MS02"
            document_type => "MS02-%{+YYYY.MM.dd}"
        }
    }
    if "custom" in [tags] {
        elasticsearch {
            hosts => "localhost:9200"
            index => "custom"
            document_type => "custom-%{+YYYY.MM.dd}"
        }
     }
 }

但是 kibana 中的输出显示了我的所有日​​志如何按文件夹分隔

4

0 回答 0