- Journalbeat Reference for 6.5-7.15:
- Journalbeat overview
- Quick start: installation and configuration
- Set up and run
- Configure
- Inputs
- General settings
- Project paths
- Output
- Kerberos
- SSL
- Index lifecycle management (ILM)
- Elasticsearch index template
- Processors
- Define processors
- add_cloud_metadata
- add_cloudfoundry_metadata
- add_docker_metadata
- add_fields
- add_host_metadata
- add_id
- add_kubernetes_metadata
- add_labels
- add_locale
- add_network_direction
- add_nomad_metadata
- add_observer_metadata
- add_process_metadata
- add_tags
- community_id
- convert
- copy_fields
- decode_base64_field
- decode_csv_fields
- decode_json_fields
- decode_xml
- decode_xml_wineventlog
- decompress_gzip_field
- detect_mime_type
- dissect
- dns
- drop_event
- drop_fields
- extract_array
- fingerprint
- include_fields
- rate_limit
- registered_domain
- rename
- script
- timestamp
- translate_sid
- truncate_fields
- urldecode
- Internal queue
- Logging
- HTTP endpoint
- Regular expression support
- Instrumentation
- journalbeat.reference.yml
- How to guides
- Exported fields
- Monitor
- Secure
- Troubleshoot
- Get help
- Debug
- Common problems
- Journalbeat uses too much bandwidth
- Error loading config file
- Found unexpected or unknown characters
- Logstash connection doesn’t work
- Publishing to Logstash fails with "connection reset by peer" message
- @metadata is missing in Logstash
- Not sure whether to use Logstash or Beats
- SSL client fails to connect to Logstash
- Monitoring UI shows fewer Beats than expected
Starting in version 7.16, this experimental functionality has been removed. You
should use the journald input in Filebeat instead.
Detect mime type
editDetect mime type
editThe detect_mime_type
processor attempts to detect a mime type for a field that
contains a given stream of bytes. The field
key contains the field used as
the data source and the target
key contains the field to populate with the detected type
processors: - detect_mime_type: field: http.request.body.content target: http.request.mime_type
In the example above: - http.request.body.content is used as the source and http.request.mime_type is set to the detected mime type
See Conditions for a list of supported conditions.
ElasticON events are back!
Learn about the Elastic Search AI Platform from the experts at our live events.
Register nowWas this helpful?
Thank you for your feedback.