Hi all,
I am starting with Kibana and installed kibana, elasticsearch, logstash and filebeat for collecting statistics about apache. All logs from access.log are working properly and are being graphed in kibana. Unfortunatelly the error.log events are not being captured by kibana.
To try understanding what is happening with error.log monitoring I started filebeat in debug mode. In filebeat debug logs I can see events sent by filebeat regarding to error.log file, but nothing is displayed in kibana dashboard.
Below is the filebeat output showing error.log notifications.
2018-04-21T20:01:57.153-0300 DEBUG [publish] pipeline/processor.go:275 Publish event: {
"@timestamp": "2018-04-21T23:01:57.153Z",
"@metadata": {
"beat": "filebeat",
"type": "doc",
"version": "6.2.4",
"pipeline": "filebeat-6.2.4-apache2-error-pipeline"
},
"prospector": {
"type": "log"
},
"beat": {
"name": "ubuntu",
"hostname": "ubuntu",
"version": "6.2.4"
},
"source": "/var/log/apache2/error.log",
"offset": 16494,
"message": "[Sat Apr 21 20:01:50.210613 2018] [:error] [pid 8558] [client 192.168.56.1:54811] PHP Parse error: syntax error, unexpected 'aks' (T_STRING) in /var/www/html/index.php on line 4",
"fileset": {
"module": "apache2",
"name": "error"
}
}
Can anyone give me an idea about that?
Kleber