Filebeat routing message problem

[kakaz]

Problem description

Steps to reproduce the problem

1. Graylog v2.3.1+9f2c6ef
2. I've defined Collectors working for winlogbeat and filebeat
3. Winlogbeat gathers Windows Event logs and route it into collector output which transfers them into input working on the same machine on port 5046 ( it works)
4. filebeats read several text log files ( mostly flexlm license managers) and should route it into collector output which transfers them into input working on the same machine on port 5047
5. for filebeats there is several files to read, so several collector inputs, one per monitored file
6. messages are read, and transferred into collector machinery
7. All messages form filebeat are routed to stream "all messages" and nothing is in input dedicated to license servers on 5047 port.
8. I've checked generated config for winlogbeat and filebeat. In winlogbeat there is a section with output definition, which points into correct port 5047. On filebeat generated file there is no such line. I've added it manually: then it works ( messages appear in input working on 5047 port ). but when checking on colector's overview --> show messages ( blue button) - messages stil has only routed to: all messages info.

Environment

• Sidecar Version: 0.1.4
• Graylog Version:Graylog v2.3.1+9f2c6ef
• Operating System: Windows 2012R2
• Elasticsearch Version:
• MongoDB Version:

Collector - manage configurations - beat input

Collector - manage configurations - beat output:

Graylog Input configuration:

Collector --> show messages - filebeat route information ( routed to all messages - wrong)

Collector --> show messages - winlogbeat route information ( routed to correct stream)

[jalogisch]

This is connected to #168