Hello,
I am relatively new to ELK, so I am probably missing something trivial.
I have run Elasticsearch and Kibana via Docker and I have placed FileBeat inside application container where I am writing logs. The problem is that I can't find my logs inside Kibana and I am sure that my filebeat.yml config file is correct.
This is how config file looks:
filebeat.config:
prospectors:
path: ${path.config}/prospectors.d/*.yml
reload.enabled: false
modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: false
processors:
- add_cloud_metadata:
output.elasticsearch:
hosts: ['elasticsearch:9200']
username: elastic
password: changeme
filebeat.inputs:
- type: log
enabled: true
paths:
- /var/log/*.log
And I am using Serilog (.NET Core) to write logs on the /var/log/ directory.
When I enter container and go to /var/log I can see my log there, but for some reason, Kibana is not discovering that log.
Does anyone have a clue what am I missing?