7 tag: elasticsearch.general
8 path: /var/log/elasticsearch/elasticsearch.log
9 pos_file: /tmp/elasticsearch.general.pos
10 format: '/^\[(?<time>[^ ]* [^ ]*)\]\[(?<severity_label>[^ ]*) *?\]\[([^ ]*) *\] \[([^\]]*) *\] (?<Payload>.+)/'
# Log-tailing entry for the Elasticsearch deprecation log; its records carry
# the tag elasticsearch.deprecation.
11 tail_elasticsearch_deprecation:
13 tag: elasticsearch.deprecation
14 path: /var/log/elasticsearch/elasticsearch_deprecation.log
# NOTE(review): the position file has a fixed name under /tmp. /tmp is normally
# writable by every local account, so another user can pre-create or replace
# this file and thereby influence where tailing resumes (log lines skipped or
# read again). Prefer a directory writable only by the collector's own
# service account.
15 pos_file: /tmp/elasticsearch.deprecation.pos
# Expected line shape: [<two space-separated tokens>][<level>][<field>] <rest>.
# Named captures are time, severity_label and Payload; the third bracket is
# captured without a name. A line that does not begin with '[' (for example a
# continuation line of a multi-line entry) does not match this pattern; what
# happens to unmatched lines is not visible in this listing.
16 format: '/^\[(?<time>[^ ]* [^ ]*)\]\[(?<severity_label>[^ ]*) *?\]\[([^ ]*) *\] (?<Payload>.+)/'
# Log-tailing entry for the Elasticsearch indexing slow log; its records carry
# the tag elasticsearch.slowlog.indexing.
17 tail_elasticsearch_index_indexing_slowlog:
19 tag: elasticsearch.slowlog.indexing
20 path: /var/log/elasticsearch/elasticsearch_index_indexing_slowlog.log
# NOTE(review): fixed-name position file in /tmp. Any local account that can
# write to /tmp can create or swap this file before the collector does, which
# would change the offset tailing resumes from. Keep position files in a
# directory owned by, and writable only by, the collector's service account.
21 pos_file: /tmp/elasticsearch.slowlog.indexing.pos
# Pattern: three leading bracketed fields, then the remainder of the line.
# time = first bracket (two space-separated tokens), severity_label = second
# bracket, third bracket unnamed, Payload = everything after it. Lines that do
# not start with '[' do not match.
22 format: '/^\[(?<time>[^ ]* [^ ]*)\]\[(?<severity_label>[^ ]*) *?\]\[([^ ]*) *\] (?<Payload>.+)/'
# Log-tailing entry for the Elasticsearch search slow log; its records carry
# the tag elasticsearch.slowlog.search.
23 tail_elasticsearch_index_search_slowlog:
25 tag: elasticsearch.slowlog.search
26 path: /var/log/elasticsearch/elasticsearch_index_search_slowlog.log
# NOTE(review): position state is stored under /tmp at a predictable name.
# Because /tmp is usually world-writable, the file can be planted or replaced
# by an unrelated local user, so the recorded read offset cannot be trusted.
# Move it to a directory restricted to the collector's service account.
27 pos_file: /tmp/elasticsearch.slowlog.search.pos
# Pattern: [time][severity_label][unnamed field] Payload. The Payload capture
# takes the rest of the line verbatim. Presumably slow-log payloads include
# query text; confirm that downstream storage is access-controlled to match.
28 format: '/^\[(?<time>[^ ]* [^ ]*)\]\[(?<severity_label>[^ ]*) *?\]\[([^ ]*) *\] (?<Payload>.+)/'
# record_transformer step. The lines between "type" and the first "value" are
# not part of this listing, so the name of the first rewritten field is not
# visible here.
31 type: record_transformer
# NOTE(review): this appears to be an embedded Ruby hash lookup keyed on the
# record's severity_label. A Ruby hash lookup returns nil for a key that is
# not present, and only WARN, INFO, DEBUG and TRACE are listed, so any other
# level (for example ERROR) would get no numeric value. The numbers line up
# with syslog severities (4 warning, 6 informational, 7 debug), presumably on
# purpose. Confirm whether other levels are handled elsewhere; if they are
# not, alerts that filter on this field would miss those records.
38 value: ${ {"WARN"=>4,"INFO"=>6,"DEBUG"=>7,"TRACE"=>7}[record["severity_label"]] }
# Rewrites severity_label: WARN becomes WARNING, the other three listed levels
# map to themselves. An unlisted level evaluates to nil here as well, which
# would presumably replace the label parsed from the log line. Verify.
39 - name: severity_label
40 value: ${ {"WARN"=>"WARNING","INFO"=>"INFO","DEBUG"=>"DEBUG","TRACE"=>"TRACE"}[record["severity_label"]] }