Changing index pattern refuses to start

mortenb123 · October 11, 2018, 10:05am

Hi
according to: Configure the Elasticsearch output | Winlogbeat Reference [master] | Elastic

But if I add

index: "winlogbeat-%{[beat.version]}-%{+yyyy.MM.dd}"

winlogbeat do not start up

mortenb123 · October 11, 2018, 10:18am

needed to add to winlogbeat.yml:

  setup.template.name: 'winlogbeat-%{[beat.version]}'
  setup.template.pattern: 'winlogbeat-%{[beat.version]}-*'

They seem very default to me.

andrewkroh · October 13, 2018, 12:18am

Anytime you change the output.elasticsearch.index you also need to configure the setup.template.name and setup.template.pattern to ensure they are all pointing at the right index.

https://www.elastic.co/guide/en/beats/winlogbeat/master/elasticsearch-output.html#index-option-es

system · November 10, 2018, 12:18am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Changing the index name for winlogbeat sent to elasticsearch Beats winlogbeat	7	3209	March 27, 2019
Unable to change the default index in Winlogbeat.yaml Beats winlogbeat	15	2204	January 2, 2018
How to configure winlogbeat to use existing index in elasticsearch Beats	5	511	October 4, 2018
Winlogbeat 7.2.0 index name not changing despite specifying setup.template.name, setup.template.pattern Beats winlogbeat	5	1128	September 3, 2019
Beats and index naming Beats	22	1106	September 16, 2019

Changing index pattern refuses to start

Related Topics