Archive logs older than 10 days

This shell command would archive log files that modification times are older than ten days. Find command takes arguments like -maxdepth 1 for maximum level of directories to dig , -type -f for identifying files, -name '*.log' for filtering log files, -mtime +10 for filtering modification time and -exec mv for executing commands for every file that found.

find /ftp/logs/ -maxdepth 1 -type f -name '*.log' -mtime +10 -exec mv {} /ftp/logs/archive/ \;


Sending Jboss Server Logs to Logstash Using Filebeat with Multiline Support

In addition to sending system logs to logstash, it is possible to add a prospector section to the filebeat.yml for jboss server logs. Sometimes jboss server.log has single events made up from several lines of messages. In such cases Filebeat should be configured for a multiline prospector.
Filebeat takes lines do not start with a date pattern (look at pattern in the multiline section "^[[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2}" and negate section is set to true) and combines them with the previous line that starts with a date pattern.

server.log file excerpt where DatePattern: yyyy-MM-dd-HH and ConversionPattern: %d %-5p [%c] %m%n
Logstash filter: