Filbeat not publishing logs to logstash

ranjini · January 19, 2021, 5:16pm

filebeat logs

2021-01-19T17:07:14.953Z        INFO    [publisher_pipeline_output]     pipeline/output.go:151  Connection to backoff(async(tcp://logsrv.example-elk.local:5044)) established
2021-01-19T17:07:14.978Z        ERROR   [logstash]      logstash/async.go:280   Failed to publish events caused by: EOF
2021-01-19T17:07:14.978Z        INFO    [publisher]     pipeline/retry.go:219   retryer: send unwait signal to consumer
2021-01-19T17:07:14.978Z        INFO    [publisher]     pipeline/retry.go:223     done ```

filebeat.yml

################### Filebeat Configuration Example ###################

filebeat config for cds project

############################# Filebeat ###############################

filebeat.inputs:
-
paths:
- /opt/tomcat/tomcat.log
input_type: log
enabled: true
multiline:
pattern: ^[0-9]+[0-9]+[0-9]+[0-9]-[0-1]+[0-9]-[0-3]+[0-9]
negate: true
match: after
max_lines: 250
timeout: 15s
fields:
tags: apache
environment: elk
product: tomcat

-
  paths:
    - /opt/tomcat/apache.log
  input_type: log
  enabled: true
  multiline:
    pattern: ^[0-9]+[0-9]+[0-9]+[0-9]-[0-1]+[0-9]-[0-3]+[0-9]
    negate: true
    match: after
    max_lines: 250
    timeout: 15s
  fields:
    tags: apache2
    environment: elk
    product: tomcat

registry_file: /var/lib/filebeat/.registry

output.logstash:
hosts: ["logsrv.example-elk.local:5044"]
key: "ek-cds"
db: 0
db_topology: 1
timeout: 5
reconnect_interval: 1
shipper:
logging:
to_syslog: false
to_files: true
files:
path: /var/log/filebeat
name: filebeat.log
rotateeverybytes: 10485760 # = 10MB
keepfiles: 7
level: debug

please help

mtojek · January 20, 2021, 9:13am

Please format your post correctly using ```. I don't see what is the exact problem you're facing.

system · February 17, 2021, 11:13am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.