Filebeat - Configuring Filebeat

filebeat.prospectors:

- input_type: log
  paths:
    - E:\AgileSlot\Log\*\*Full*log*

filebeat.prospectors:

- input_type: log
  # The regexp Pattern that has to be matched. The example pattern matches all lines starting with [
  multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}'

  # Defines if the pattern set under pattern should be negated or not. Default is false.
  multiline.negate: true

  # Match can be set to "after" or "before". It is used to define if lines should be append to a pattern
  # that was (not) matched before or after or as long as a pattern is not matched based on negate.
  # Note: After is the equivalent to previous and before is the equivalent to to next in Logstash
  multiline.match: after

filebeat.prospectors:

- input_type: log
  ignore_older: 24h

output.logstash:
 
  # The Logstash hosts
  hosts: ["172.16.49.172:5044","172.16.49.116:5044"]

  # Number of workers per Logstash host.
  worker: 2

  # Set gzip compression level.
  #compression_level: 3

  # Optional load balance the events between the Logstash hosts
  loadbalance: true

  # Number of batches to be send asynchronously to logstash while processing
  # new batches.
  #pipelining: 0

  # Optional index name. The default index name is set to name of the beat
  # in all lowercase.
  index: "cas-agileslot-dev"

# Logging to rotating files files. Set logging.to_files to false to disable logging to
# files.
logging.to_files: true
logging.files:
  # Configure the path where the logs are written. The default is the logs directory
  # under the home path (the binary location).
  #path: /var/log/filebeat
  
  # The name of the files where the logs are written to.
  #name: filebeat

##################$$$###### Filebeat Configuration ############################

# This file is a full configuration example documenting all non-deprecated
# options in comments. For a shorter configuration example, that contains only
# the most common options, please see filebeat.yml in the same directory.
#
# You can find the full configuration reference here:
# https://www.elastic.co/guide/en/beats/filebeat/index.html

#=========================== Filebeat prospectors =============================

# List of prospectors to fetch data.

filebeat.prospectors:

- input_type: log
  paths:
    - E:\AgileSlot\Log\*\*Full*log*

  # The regexp Pattern that has to be matched. The example pattern matches all lines starting with [
  multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}'

  # Defines if the pattern set under pattern should be negated or not. Default is false.
  multiline.negate: true

  # Match can be set to "after" or "before". It is used to define if lines should be append to a pattern
  # that was (not) matched before or after or as long as a pattern is not matched based on negate.
  # Note: After is the equivalent to previous and before is the equivalent to to next in Logstash
  multiline.match: after
  
  ignore_older: 24h
#----------------------------- Logstash output --------------------------------
output.logstash:
 
  # The Logstash hosts
  hosts: ["172.16.49.172:5044","172.16.49.116:5044"]

  # Number of workers per Logstash host.
  worker: 2

  # Set gzip compression level.
  #compression_level: 3

  # Optional load balance the events between the Logstash hosts
  loadbalance: true

  # Number of batches to be send asynchronously to logstash while processing
  # new batches.
  #pipelining: 0

  # Optional index name. The default index name is set to name of the beat
  # in all lowercase.
  index: "cas-agileslot-dev"
  
shipper:
  tags: ["CAS","AgileSlot","DEV"]


# Logging to rotating files files. Set logging.to_files to false to disable logging to
# files.
logging.to_files: true
logging.files:
  # Configure the path where the logs are written. The default is the logs directory
  # under the home path (the binary location).
  #path: /var/log/filebeat
  
  # The name of the files where the logs are written to.
  #name: filebeat

filebeat.config_dir: configs

#----------------------------- Logstash output --------------------------------
output.logstash:
 
  # The Logstash hosts
  hosts: ["172.16.49.172:5044","172.16.49.116:5044"]

  # Number of workers per Logstash host.
  worker: 2

  # Set gzip compression level.
  #compression_level: 3

  # Optional load balance the events between the Logstash hosts
  loadbalance: true

  # Number of batches to be send asynchronously to logstash while processing
  # new batches.
  #pipelining: 0

  # Optional index name. The default index name is set to name of the beat
  # in all lowercase.
  index: "cas-agileslot-dev"


# Logging to rotating files files. Set logging.to_files to false to disable logging to
# files.
logging.to_files: true
logging.files:
  # Configure the path where the logs are written. The default is the logs directory
  # under the home path (the binary location).
  #path: /var/log/filebeat
  
  # The name of the files where the logs are written to.
  #name: filebeat

  ##################$$$###### Filebeat Configuration ############################

# This file is a full configuration example documenting all non-deprecated
# options in comments. For a shorter configuration example, that contains only
# the most common options, please see filebeat.yml in the same directory.
#
# You can find the full configuration reference here:
# https://www.elastic.co/guide/en/beats/filebeat/index.html

#=========================== Filebeat prospectors =============================

# List of prospectors to fetch data.

filebeat.prospectors:

- input_type: log
  paths:
    - E:\AgileSlot\Log\*\*Full*log*
  exclude_files: ["\.zip$","\.7z$"]
  
  document_type: applog

  # The regexp Pattern that has to be matched. The example pattern matches all lines starting with [
  multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}'

  # Defines if the pattern set under pattern should be negated or not. Default is false.
  multiline.negate: true

  # Match can be set to "after" or "before". It is used to define if lines should be append to a pattern
  # that was (not) matched before or after or as long as a pattern is not matched based on negate.
  # Note: After is the equivalent to previous and before is the equivalent to to next in Logstash
  multiline.match: after
  
  ignore_older: 24h