If I understand what you're saying, you're using LogstreamerInput
incorrectly. A single LogstreamerInput is meant to map to either a
single log stream, or possibly multiple logstreams of identical
structure, such as a set of access logs for a number of different domains.
You seem to be trying to use a single LogstreamerInput to track a bunch
of conceptually unrelated log files, which won't work. You'll want to
use a separate LogstreamerInput for each file.
-r
On 04/06/2016 02:08 AM, Abhiman wrote:
I want to upload multiple files(which are non sequential) simultaneously
using Heka. The files are conn.log, http.log, dhcp.log, dnp3.log,
ftp.log, dns.log. I am trying with the following code
|[networklogs] Type = "LogstreamerInput" log_directory =
"/opt/bro/logs/current" file_match= '(?P<Year>\d+)\.log'
priority=["Year"] decoder="Json" [networklogs.translation.Year] conn = 1
dhcp = 2 dnp3 = 3 dns = 4 ftp = 5 http = 6 [Json] type =
"SandboxDecoder" filename = "lua_decoders/json.lua" [Json.config] type =
"raw.bro" debug = false [ESJsonEncoder] index = "test_2" type_name =
"one" [ElasticSearchOutput] message_matcher = "TRUE" server =
"http://localhost:9200"; encoder = "ESJsonEncoder" |
but it's not working. When I am trying with only one file, I am
succeeding but for multiple files, no luck.
Regards,
*---------------------------------------------------------------------------------------------*
*Abhiman | *Analyst
M: +91 8004274160 | www.tcg-digital.com
_______________________________________________
Heka mailing list
[email protected]
https://mail.mozilla.org/listinfo/heka
_______________________________________________
Heka mailing list
[email protected]
https://mail.mozilla.org/listinfo/heka
