I'm trying to Configure the module and even though I see events inside of my %{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd} whenever I open Filebeat Apache2 Dashboard via Kibana all I see is:
No results found
# cat /etc/filebeat/modules.d/apache2.yml
- module: apache2
# Access logs
access:
enabled: true
# Set custom paths for the log files. If left empty,
# Filebeat will choose the paths depending on your OS.
var.paths: ["/var/log/apache2/*access.log*"]
# Error logs
error:
enabled: true
# Set custom paths for the log files. If left empty,
# Filebeat will choose the paths depending on your OS.
var.paths: ["/var/log/apache2/*error.log*"]
#
# ls -ld /var/log/apache2/*access.log* | head -1
-rw-r----- 1 root adm 764580 Feb 21 16:37 /var/log/apache2/access.log
# ls -ld /var/log/apache2/*error.log* | head -1
-rw-r----- 1 root adm 725 Feb 21 06:25 /var/log/apache2/error.log
#
recap: events makes into elasticsearch, however I'm unable to see any via Kibana's dashboard...
@tudor I followed that when I set this up filebeat to work with logstash.
# filebeat test output
logstash: app11:5044...
connection...
parse host... OK
dns lookup... OK
addresses: 10.142.0.6
dial up... OK
TLS... WARN secure connection disabled
talk to server... OK
#
as you saw earlier events make all the way into elasticsearch, it's not shipping where it fails it's parsing...
any help with how address that would be appreciate it)
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.