Can't get Filebeat to work

Elastic Stack Beats
1

Hi, Colleagues!

I have installed ELK in Windows and it was all good, until I changed my filebeats configuration to test some stuff. Now I cant get it to work again.
The structure is FB > LS > ES > K

My FB configuration is:

filebeat.prospectors: 
- input_type: log
  paths: 
    - /var/log/*.log
output.logstash:
  hosts: ["localhost:5044"]

My LS config is:

input 
{
 beats 
  {
    port => 5044
  }
}
 
filter {...}

output {
  elasticsearch {
    hosts => "localhost:9200"
    manage_template => false
    index => "logstash-%{+YYYY.MM.dd}"
  }
}

The Fb output is:

2017/08/21 09:37:56.675087 beat.go:285: INFO Home path: [C:\Proyectos\fileb
eat] Config path: [C:\Proyectos\filebeat] Data path: [C:\Proyectos\filebeat\data] Logs path: [C:\Proyectos\filebeat\logs]
2017/08/21 09:37:56.676048 beat.go:186: INFO Setup Beat: filebeat; Version: 5.5.1
2017/08/21 09:37:56.675087 metrics.go:23: INFO Metrics logging every 30s
2017/08/21 09:37:56.677044 logstash.go:90: INFO Max Retries set to: 3
2017/08/21 09:37:56.678048 outputs.go:108: INFO Activated logstash as output plugin.
2017/08/21 09:37:56.678048 publish.go:238: DBG  Create output worker
2017/08/21 09:37:56.679054 publish.go:280: DBG  No output is defined to store the topology. The server fields might not be filled.
2017/08/21 09:37:56.680052 publish.go:295: INFO Publisher name: PC
2017/08/21 09:37:56.717196 async.go:63: INFO Flush Interval set to: 1s
2017/08/21 09:37:56.718154 async.go:64: INFO Max Bulk Size set to: 2048
2017/08/21 09:37:56.718154 async.go:72: DBG  create bulk processing worker (interval=1s, bulk size=2048)
2017/08/21 09:37:56.722165 beat.go:221: INFO filebeat start running.
2017/08/21 09:37:56.723168 registrar.go:85: INFO Registry file set to: C:\Proyectos\filebeat\data\registry
2017/08/21 09:37:56.727178 registrar.go:106: INFO Loading registrar data from C:\Proyectos\filebeat\data\registry
2017/08/21 09:37:56.728180 registrar.go:123: INFO States Loaded from registrar:0
2017/08/21 09:37:56.729186 registrar.go:236: INFO Starting Registrar
2017/08/21 09:37:56.729186 sync.go:41: INFO Start sending events to output
2017/08/21 09:37:56.729186 spooler.go:63: INFO Starting spooler: spool_size: 2048; idle_timeout: 5s
2017/08/21 09:37:56.729186 crawler.go:38: INFO Loading Prospectors: 1
2017/08/21 09:37:56.731189 prospector_log.go:65: INFO Prospector with previous states loaded: 0
2017/08/21 09:37:56.733195 prospector.go:124: INFO Starting prospector of type:log; id: 17005676086519951868
2017/08/21 09:37:56.734197 crawler.go:58: INFO Loading and starting Prospectorscompleted. Enabled prospectors: 1

The problem I'm having seems to be that FB isn't able to see the files, but since I was able to do that in the past, I don't think it is anything related to the permissions. Any Idea what it could be?
Thanks a lot!

2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.