logstash logstash-grok logstash-configuration

wild card search in logstash.conf for files


I'm new to ELK and tried loading a log file into Elasticsearch, which worked successfully. Now I'm planning to load all the log files from a specific folder into Elasticsearch. Below is the input part of the configuration file. I have a regex expression there to load files such as test2312312.log, test35353.log and test743432.log. The expression should ignore files like testserver.log and testprocess.log.

The below regex used to work in Python but it is not working here in GROK. Can someone help me out?

input {
  file {
    path => "C:/Users/myself/Downloads/ELK/test(?=[0-9]).log"
    start_position => "beginning"
    sincedb_path => "NULL"
  }
}

Solution

  • Path in file doesn't support regex. It only supports wildcards.

    You can use the exclude property, which accepts an array, to exclude certain files.

    Exclusions (matched against the filename, not full path). Filename patterns are valid here, too. For example, if you have
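
Added example (not part of the original answer): a Ruby sketch that mimics the selection described above, a wildcard `path` followed by `exclude` patterns matched against the filename only. It assumes the file input's wildcards behave like Ruby's `Dir.glob` and `File.fnmatch?`; the patterns `test[0-9]*.log` and `test*[a-z]*.log`, the file `test9backup.log` and the helper `select_files` are constructed for illustration.

```ruby
require "tmpdir"
require "fileutils"

# Constructed sample filenames: the five from the question plus one edge case
# (starts with a digit after "test" but is not purely numeric).
SAMPLE_FILES = %w[
  test2312312.log test35353.log test743432.log
  testserver.log testprocess.log test9backup.log
].freeze

# Hypothetical helper: glob on the path pattern, then drop every file whose
# basename (not full path) matches one of the exclude patterns.
def select_files(dir, path_glob, exclude = [])
  Dir.glob(path_glob, base: dir).reject do |name|
    base = File.basename(name)
    exclude.any? { |pat| File.fnmatch?(pat, base) }
  end.sort
end

def demo
  Dir.mktmpdir do |dir|
    SAMPLE_FILES.each { |f| FileUtils.touch(File.join(dir, f)) }
    {
      # The question's pattern: "(", "=", ")" are literals to a glob and "?"
      # is "any one character", so the lookahead never matches these files.
      regex_as_glob: select_files(dir, "test(?=[0-9]).log"),
      # A character class is valid glob syntax, but "*" still lets letters
      # through after the first digit.
      digit_glob: select_files(dir, "test[0-9]*.log"),
      # Broad wildcard plus an exclude that rejects any name with a lowercase
      # letter between "test" and ".log".
      wildcard_plus_exclude: select_files(dir, "test*.log", ["test*[a-z]*.log"]),
    }
  end
end

RESULTS = demo
RESULTS.each { |label, files| puts "#{label}: #{files.inspect}" }
```

The `digit_glob` case shows why a wildcard alone cannot express "digits only": if stray files such as `test9backup.log` would pollute the index, pair the wildcard with an exclude list.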