professional-infra/log-observability-elk-grafana/logstash/pipeline/logstash.conf

input {
  beats {
    port => 5044
  }
}

filter {
  grok {
    match => { "message" => "\[%{TIMESTAMP_ISO8601:observed_at}\] %{LOGLEVEL:level} %{GREEDYDATA:event_message}" }
    tag_on_failure => ["portfolio_parse_failure"]
  }
}

output {
  elasticsearch {
    hosts => ["http://elasticsearch:9200"]
    user => "elastic"
    password => "elastic"
    index => "portfolio-logs-%{+YYYY.MM.dd}"
  }
  stdout {
    codec => rubydebug
  }
}
Initial CV-aligned infrastructure portfolio 2026-05-04 17:37:24 +00:00			`input {`
			`beats {`
			`port => 5044`
			`}`
			`}`

			`filter {`
			`grok {`
			`match => { "message" => "\[%{TIMESTAMP_ISO8601:observed_at}\] %{LOGLEVEL:level} %{GREEDYDATA:event_message}" }`
			`tag_on_failure => ["portfolio_parse_failure"]`
			`}`
			`}`

			`output {`
			`elasticsearch {`
			`hosts => ["http://elasticsearch:9200"]`
			`user => "elastic"`
			`password => "elastic"`
			`index => "portfolio-logs-%{+YYYY.MM.dd}"`
			`}`
			`stdout {`
			`codec => rubydebug`
			`}`
			`}`