Thanks for that information. When I'm looking in Kibana now, it's showing
the correct type but it still shows the index as the original
logstash-2014-02-18. Not sure why it isn't showing the unix-date index. If
I look at ElasticSearch, I can see that it did create the new index I told
it to though.
On Tuesday, February 18, 2014 12:53:22 PM UTC-5, Binh Ly wrote:
>
> You should be able to use the input type to direct log events to specific
> indexes. For example:
>
> input {
> file {
> type => "unixlogs"
> path => "/var/log/UNIX/*.log"
> }
> }
>
> output {
> if [type] == "unixlogs" {
> elasticsearch {
> host => "localhost"
> index => "unix-%{+YYYY.MM.dd}"
> }
> }
> }
>
--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/5f034ce7-68c9-4f56-918b-bc4c887f74fb%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
