Reputation: 83
wild card search in logstash.conf for files
I'm new to ELK, tried loading a log file into elastic search which worked successfully.
Now planning to load all the log files from a specific folder into elastic search
Below is the input part in the configuration file. I have a regex expression there to load files such as test2312312.log, test35353.log and test743432.log. The expression should ignores files like testserver.log, testprocess.log
The below regex used to work in Python but it is not working here in GROK. Can someone help me out?
input {
file {
path => "C:/Users/myself/Downloads/ELK/test(?=[0-9]).log"
start_position => "beginning"
sincedb_path => "NULL"
}
}
Upvotes: 1
Views: 725
Answers (1)
Reputation: 9099
Path in file doesn't support regex. It only supports wildcard.
You can use exclude property which accepts an array to exclude certain files
Exclusions (matched against the filename, not full path). Filename patterns are valid here, too. For example, if you have
Upvotes: 1
Related Questions
- Logstash Conf | Extracting Filename from Path
- Using regex in logstash to filter files by name
- Grok pattern for log files
- Grok for log files Logstash
- Logstash Directory pattern in grok
- regex for logstash.conf input filter path
- Logstash not working with multiple files wildcard path
- Logstash custom matching
- Match whole file
- Logstash - grok configuration filter