No structured logs found
Check if the var.paths setting [points to JSON logs]
Here is my elasticsearch.yml (Filebeat -elasticsearch Module)
- module: elasticsearch
# Server log
server:
enabled: true
# Set custom paths for the log files. If left empty,
# Filebeat will choose the paths depending on your OS.
var.paths:
- /app/elasticsearch/logs/*_server.json
gc:
enabled: false
# Set custom paths for the log files. If left empty,
# Filebeat will choose the paths depending on your OS.
#var.paths:
audit:
enabled: false
# Set custom paths for the log files. If left empty,
# Filebeat will choose the paths depending on your OS.
# var.paths:
slowlog:
enabled: true
# Set custom paths for the log files. If left empty,
# Filebeat will choose the paths depending on your OS.
var.paths:
- /app/elasticsearch/logs/*_index_search_slowlog.json
- /app/elasticsearch/logs/*_index_indexing_slowlog.json
deprecation:
enabled: true
# Set custom paths for the log files. If left empty,
# Filebeat will choose the paths depending on your OS.
var.paths:
- /app/elasticsearch/logs/*_deprecation.json
````````````````````What version of the Elastic Stack are you running? Have you enabled watcher and followed the configuration instructions?
