FB -> Logstash -> ES -> kibana not working

rudok · February 26, 2018, 1:47pm

Hi all

I am new in ELK ,I tried setup 6.2 ELK infrastructure.
I used filebeat with apache module to send parsed apache log directly to ES and all was working fine.
But I need to do some changes in event ( timestamp change) and I decided use logstash for event manipulation and after change send event to logstash, but when I changed output to logstash from elasticsearch the apache module stop parsing data from event and I didn`t recieved fields: apache2.access.*.

What am I doing wrong?
Is it possible to send apache log parsed data to different output than elasticsearch?

I tried change output to file, but stored event are without apache2.access.* fields too.

Thx

Rudo

rudok · February 26, 2018, 10:18pm

Solved:

https://www.elastic.co/guide/en/logstash/current/logstash-config-for-filebeat-modules.html

system · March 26, 2018, 10:19pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How can I parse filebeat data with logstash and send it to kibana? Logstash	3	582	March 24, 2020
Parsing issues Logstash	1	268	November 22, 2018
Filebeat 6 + Apache2 module : fields not exported to Logstash Beats filebeat	5	2035	December 26, 2017
Issue parsing Apache log coming from Filebeat Logstash	5	3795	January 6, 2017
Filebeat/Logstash Apache Access Logs timestamp issue Logstash	9	656	September 30, 2022

FB -> Logstash -> ES -> kibana not working

Related Topics