[root@node2 filebeat]#grep "^s*[^# t].*$" /etc/filebeat/filebeat.ymlfilebeat.inputs:- type: log enabled: true paths: - /var/log/long_text_2021-12-13-14-59-09.txt fields_under_root: true- type: log enabled: true paths: - /var/log/messages fields_under_root: true- type: log enabled: true paths: - /tmp/yum.log exclude_lines: ['^$'] fields_under_root: true ignore_older: 24 #可以指定filebeat忽略指定时间段以外修改的日志内容 close_inactive: 5m # scan_frequency: 1s #filebeat以多快的频率去检测文件更新 clean_inactive: 72h backoff: 1s #filebeat检测到某个文件到了eof之后,每次等待多久再去检测更新 max_backoff: 10s #f multiline.type: pattern multiline.pattern: ^[ multiline.negate: true multiline.match: afterfilebeat.config.modules: path: ${path.config}/modules.d/*.yml reload.enabled: truesetup.template.settings: index.number_of_shards: 1setup.kibana: host: "127.0.0.1:5601"output.elasticsearch: hosts: ["127.0.0.1:9200"] indices: - index: "javalog-%{+yyyy.MM.dd}" when.contains: - index: "message_%{+YYYY.MM.dd}" when.contains: - index: "yum_%{+YYYY.MM.dd}" when.contains:setup.template.name: "javalog"setup.template.pattern: "javalog-*"setup.template.enabled: falsesetup.ilm.enabled: falseprocessors: - add_host_metadata: when.not.contains.tags: forwarded - add_cloud_metadata: ~ - add_docker_metadata: ~ - add_kubernetes_metadata: ~