WARNING: Version 5.3 of Filebeat has passed its EOL date.

This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.

« Nginx Fields Securing Filebeat »
Elastic Docs Filebeat Reference [5.3] Exported Fields

System Fields

edit

System Fields

edit

Module for parsing system log files.

system Fields

edit

Fields from the system log files.

syslog Fields

edit

Contains fields from the syslog system logs.

system.syslog.timestamp

edit

The timestamp as read from the syslog message.

system.syslog.hostname

edit

The hostname as read from the syslog message.

system.syslog.program

edit

The process name as read from the syslog message.

system.syslog.pid

edit

The PID of the process that sent the syslog message.

system.syslog.message

edit

The message in the log line.

« Nginx Fields Securing Filebeat »