###################### Journalbeat Configuration Example ######################### # This file is an example configuration file highlighting only the most common # options. The journalbeat.reference.yml file from the same directory contains all the # supported options with more comments. You can use it as a reference. # # You can find the full configuration reference here: # https://www.elastic.co/guide/en/beats/journalbeat/index.html # For more available modules and options, please see the journalbeat.reference.yml sample # configuration file. #=========================== Journalbeat inputs ============================= journalbeat.inputs: # Paths that should be crawled and fetched. Possible values files and directories. # When setting a directory, all journals under it are merged. # When empty starts to read from local journal. - paths: [] # The number of seconds to wait before trying to read again from journals. #backoff: 1s # The maximum number of seconds to wait before attempting to read again from journals. #max_backoff: 60s # Position to start reading from journal. Valid values: head, tail, cursor seek: cursor # Exact matching for field values of events. # Matching for nginx entries: "systemd.unit=nginx" #include_matches: [] # Optional fields that you can specify to add additional information to the # output. Fields can be scalar values, arrays, dictionaries, or any nested # combination of these. #fields: # env: staging #========================= Journalbeat global options ============================ #journalbeat: # Name of the registry file. If a relative path is used, it is considered relative to the # data path. #registry_file: registry # The number of seconds to wait before trying to read again from journals. #backoff: 1s # The maximum number of seconds to wait before attempting to read again from journals. #max_backoff: 60s # Position to start reading from all journal. Possible values: head, tail, cursor #seek: head # Exact matching for field values of events. # Matching for nginx entries: "systemd.unit=nginx" #matches: []