Hello, guys. I have installed and configured ElasticSearch, Logstash and Kibana on my windows-machine. I downloaded a FileBeat product. But I can't start filebeat service via PowerShell or manually. Service installs. but not run. It shows error #1053. How to fix that?
Can you start Filebeat in a command prompt, i.e. not as a service?
@magnusbaeck I have successfully started the FileBeat. It was my fault in config file. I want to ship logs to logstash via FileBeat. But I get some abracadabra like this:
message:z%\u0005\x89]:\u0003iS\x97\x8C)\x9B\xFF\xBB\xA7\x8A\u000E\xE4\xDD\xD8\xCD> \x94\xB6\x9C<\xCF9?\x9E\x84\xBF\x9E\xCDf\x8Fp=ߒ\u0017\xBD\xCBva\xB3%fK\xFC\xB0p߉!\xDF\xFATq`\x8A2\xA0\\\x93\x92\xE4\u001F\xA3\xC3\xFF!.\xC9ϒ\xB4q=dbXI:\xEF\xC2\"\u00113\xACC\x98\xBE\x82\xF3C\u0017Q @version:1 @timestamp:2015-10-26T07:06:16.358Z host:127.0.0.1 _id:AVCi-A9mh6uRoz0aew7j _type:logs _index:logstash-2015.10.26
May be I have a mistake in encoding? Logs sample looks like:
2015-04-24 07:03:50.4307|INFO|YES|Start web application
Logstash conf: http://pastebin.com/4GYifA9Z
FileBeat conf: http://pastebin.com/1nZYEmBz
Thank you for your help.
This definitively looks like an encoding issue. What is the encoding of the file you are crawling? Have a look at the config and search for encoding. You are able to configure per prospector what encoding should be used: https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-configuration-details.html
@ruflin app writes logs in utf8-format. I have already defined an encoding field as "utf-8" . But result is same.
@moo2k, this looks really weird for utf8. Is it possible for you to share the file as is (in private)?
It was my fault. I used tcp input instead of "beats" logstash input plugin. It is working now. Thanks to all.