Do we need to create new index for file beat?

dubul · July 15, 2016, 10:49pm

I'm using filebeat to ship logs from windows machine to Elasticsearch, with default filebeats setting.
When i try to ship logs using filebeat from other server, i couldnt see any logs on elasticsearch.

In the earlier filebeat shipping the index formed is filebeat, i want to change the name of the index jenkins logs to it if it works, i tried using editing filebeat.yml.

Does elasticsearch listen to multiple filebeat from different servers??

steffens · July 20, 2016, 1:44pm

Have you checked filebeat logs about output errors? filebeat normally creates index filebeat-<event timestamp>. If clock is not in sync (check $ date output), events might end up in an old index.

Topic		Replies	Views
Best practice for using file beats and indexing Beats filebeat	3	825	April 17, 2018
Indexes with FileBeat Beats filebeat	8	4397	September 27, 2016
Create new indices on each Beats update Beats filebeat , auditbeat	1	313	June 28, 2022
How to create a single index when using with filebeats Beats filebeat	5	1468	June 16, 2017
No filebeat index in Elasticsearch after running setup Beats filebeat	3	1312	October 16, 2020

Do we need to create new index for file beat?

Related topics