So i follow this tutorial https://www.linuxtechi.com/install-elk-stack-elasticsearch-logstash-kibana-centos7-rhel7/ and i have problem on client, with filebeat.
conf yml file:
https://www.dropbox.com/s/ad2jlx7yppio84j/filebeat.yml?dl=0
Any help? ;//
I'm not familiar with that tutorial. Please try following the official getting started guide for Filebeat. If you run into issues following the getting started guide let us know.
Also please do not post screenshots when the text can be copy/pasted.
My ELK server have ip address 192.168.0.1, and client address with filebeat 192.168.0.5. Where i need to change ip in confs/yml files when i make everything from this 'tutorial', because all it's complicated here... When i change elasticsearch ip to 192.168.0.1 then i can imort template to client filebeat but then kibana didn't see elasticsearch, etc etc. And i can't setup dashboard anyway, 'elasticsearch output is not configured/enabled'.
And i always need to run kibana from ./bin file?
What are you trying to accomplish? Do you have a certain type of logs you want to collect?
I recommend following the getting started guide. It will walk through the setup of ES, LS, and Kibana. Then it moves into pushing data using Filebeat. Usage of Lostash is optional in the getting started guide.
For your first setup I recommend deploying Elasticsearch, Kibana, and then Filebeat all on the same host. Push some logs, see it working. Then advance on to either adding Logstash into the mix (if you need to do extra parsing), moving ES and Kibana on to their own servers, or adding TLS.
Get things working in a simple setup. Then make one change at a time until you have reached your end goal.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
