Analyzing log files in a static directory

Muhammad_Adil_Talay · May 23, 2024, 11:18am

Introduction
Hi, I'm a newbie to Elastic stack, training in the area of Observability.

Background
I have log files of an application saved in a folder or directory of my computer, not connected to the app.

Goal
I would like to analyze and visualize these logs in Kibana.

Attempt
I'm trying to achieve this using Filebeat, given this configuration of the YAML file:

filebeat.inputs:
- type: filestream
id: my-filestream
enabled: true
paths:
- /home/myusername/_data/.log

And then I run the commands to setup and start filebeat.

sudo systemctl daemon-reload
sudo systemctl enable filebeat.service
sudo systemctl start filebeat.service

Now when I look in the Observability tab, I can see system.syslog under Log Events.
And when I look in the Discover tab under Analyze, I see this:

Query
Can someone guide where I'm going wrong and what may I do?

weltenwort · May 23, 2024, 11:42am

Hi @Muhammad_Adil_Talay

Can you look at the Elasticsearch logs, the Kibana logs and the browser dev console to check whether either of them show a related error? From the screenshot I would expect at least the Kibana server to log something.

Topic		Replies	Views
Unable to see logs on Kibana Kibana	13	2973	May 28, 2020
Why are my users complaining about the Kibana "Logs" application? Kibana	4	457	November 30, 2021
Logstash Log Stream Kibana	4	3594	April 7, 2022
No results found for none of filebeat modules in Kibana Dashboard Beats filebeat	6	1755	January 11, 2018
How to add my network logs of my applications to elastic/observability Elastic Agent integrations	13	818	April 30, 2023

Analyzing log files in a static directory

Related Topics