I am using filebeat to send my application logs to Elasticsearch and directly connecting to my Elasticsearch for sending the logs.
My file beat configuration
filebeat.config:
modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: false
filebeat.inputs:
- type: log
paths:
- "/var/log/*.log"
setup.ilm.enabled: false
setup.template.overwrite: true
output.elasticsearch:
hosts: ["aws-es:443"]
output.elasticsearch.index: "myapp-%{[agent.version]}-%{+yyyy.MM.dd}"
username: '${ELASTICSEARCH_USERNAME:}'
password: '${ELASTICSEARCH_PASSWORD:}
Please note that in output.elasticsearch.index:
I am giving myapp as prefix to my index name in Elasticsearch but filebeat is creating index with filebeat-7.7.0-2020.05.31
name ie using its own name filebeat
as prefix which I don't want as I am having multiple applications and want to create a separate index for them.