Auditbeat custom index name not working

bharat1 · September 28, 2019, 8:03am

Hi All,
I am planning to add my own custom index name (auditlogs instead of default auditbeat) of index for auditbeat but somehow its not working. Below are the configs that I have related to ES & Kibana, am I doing something wrong here or missing anything? FYI - I have not written any templates of my own but will load default inbuilt template available

setup.dashboards.index: "auditlogs-*"
host: "kibanahost:5601"
output.elasticsearch:
  # Array of hosts to connect to.
  hosts: ["http://eshost1:9200"]
  index: "auditlogs-%{[agent.version]}-%{+yyyy.MM.dd}"
  setup.template.enabled: "true"
  setup.template.name: "auditlogs"
  setup.template.pattern: "auditlogs-*"
logging.level: debug
logging.selectors: ["*"]

bharat1 · October 3, 2019, 5:35am

Can anyone point me where I am going wrong? Appreciate your help

system · October 24, 2019, 5:35am

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Custom index name for auditbeat Beats	6	463	May 26, 2020
Custom Index Name for FileBeat Beats filebeat	3	1757	October 28, 2019
Custom index not getting created in Kibana Kibana	6	232	December 25, 2023
Unable to use own index name Beats filebeat	3	337	July 24, 2019
Filebeat custom index name without logstash Beats filebeat	8	6237	January 24, 2019

Auditbeat custom index name not working

Related Topics