Hi ,
I am using metricbeat 7.14. IAM policy given for AWS billing and AWS.yml config file is as follows as stated in
AWS billing metricset | Metricbeat Reference [7.16] | Elastic
Step I followed to start aws and flow aws billing data to kibana are as follows.
S1>Make changes in metricbeat.yml (changed cloud id,user/password)
S2>Enable AWS
S3>Make changes in AWS.yml
S4>Start metricbeat, but data didn't flow.
When I checked the status of metricbeat, i am getting failed message.
sudo service metricbeat status
● metricbeat.service - Metricbeat is a lightweight shipper for metrics.
Loaded: loaded (/usr/lib/systemd/system/metricbeat.service; disabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Mon 2021-09-06 07:33:16 UTC; 23s ago
Docs: https://www.elastic.co/beats/metricbeat
Process: 24312 ExecStart=/usr/share/metricbeat/bin/metricbeat --environment systemd $BEAT_LOG_OPTS $BEAT_CONFIG_OPTS $BEAT_PATH_OPTS (code=exited, status=1/FAILURE)
Main PID: 24312 (code=exited, status=1/FAILURE)
Sep 06 07:33:16 dev systemd[1]: Unit metricbeat.service entered failed state.
Sep 06 07:33:16 dev systemd[1]: metricbeat.service failed.
Sep 06 07:33:16 dev systemd[1]: metricbeat.service holdoff time over, scheduling restart.
Sep 06 07:33:16 dev systemd[1]: Stopped Metricbeat is a lightweight shipper for metrics..
Sep 06 07:33:16 dev systemd[1]: start request repeated too quickly for metricbeat.service
Sep 06 07:33:16 dev systemd[1]: Failed to start Metricbeat is a lightweight shipper for metrics..
Sep 06 07:33:16 dev systemd[1]: Unit metricbeat.service entered failed state.
Sep 06 07:33:16 dev systemd[1]: metricbeat.service failed.
As metricbeat is not starting then I disable aws module and try starting metricbeat again.Then Metrcibeat gets started.
Then I enable aws module but still aws data is not flowing to the kibana,
Pls let me know if i am making mistake in running the step or in aws.yml file.
sudo service metricbeat status
● metricbeat.service - Metricbeat is a lightweight shipper for metrics.
Loaded: loaded (/usr/lib/systemd/system/metricbeat.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2021-09-06 07:36:47 UTC; 7s ago
Docs: https://www.elastic.co/beats/metricbeat
Main PID: 27599 (metricbeat)
Tasks: 10
Memory: 55.5M
CGroup: /system.slice/metricbeat.service
└─27599 /usr/share/metricbeat/bin/metricbeat --environment systemd -c /etc/metricbeat/metricbeat.yml --path.home /usr/share/metricbeat --path.config /etc/...
Sep 06 07:36:48 dev metricbeat[27599]: 2021-09-06T07:36:48.773Z INFO [index-management] idxmgmt/std.go:261 Auto ILM enable success.
Sep 06 07:36:48 dev metricbeat[27599]: 2021-09-06T07:36:48.807Z INFO [index-management.ilm] ilm/std.go:160 ILM policy metricbea...s already.
Sep 06 07:36:48 dev metricbeat[27599]: 2021-09-06T07:36:48.807Z INFO [index-management] idxmgmt/std.go:401 Set setup.template.n...s enabled.
Sep 06 07:36:48 dev metricbeat[27599]: 2021-09-06T07:36:48.807Z INFO [index-management] idxmgmt/std.go:406 Set setup.template.p...s enabled.
Sep 06 07:36:48 dev metricbeat[27599]: 2021-09-06T07:36:48.807Z INFO [index-management] idxmgmt/std.go:440 Set settings.index.l...s enabled.
Sep 06 07:36:48 dev metricbeat[27599]: 2021-09-06T07:36:48.807Z INFO [index-management] idxmgmt/std.go:444 Set settings.index.l...s enabled.
Sep 06 07:36:48 dev metricbeat[27599]: 2021-09-06T07:36:48.843Z INFO template/load.go:111 Template "metricbeat-7.14.0" already exists ...erwritten.
Sep 06 07:36:48 dev metricbeat[27599]: 2021-09-06T07:36:48.843Z INFO [index-management] idxmgmt/std.go:297 Loaded index template.
Sep 06 07:36:48 dev metricbeat[27599]: 2021-09-06T07:36:48.883Z INFO [index-management.ilm] ilm/std.go:121 Index Alias metricbe...s already.
Sep 06 07:36:48 dev metricbeat[27599]: 2021-09-06T07:36:48.884Z INFO [publisher_pipeline_output] pipeline/output.go:151 Connect...stablished
Hint: Some lines were ellipsized, use -l to show in full.
Aws.yml
- module: aws
period: 60s
metricsets:
- billing
cost_explorer_config:
group_by_dimension_keys:
- "AZ"
- "INSTANCE_TYPE"
- "SERVICE"
- "LINKED_ACCOUNT"
group_by_tag_keys:
- "aws:createdBy"
access_key_id: '${AWS_ACCESS_KEY_ID:"<>"}'
secret_access_key: '${AWS_SECRET_ACCESS_KEY:"< >"}'