Filebeat 7.0.0

Pascal72 · May 3, 2019, 6:32am

Hi,

I have recently upgraded my ELK infrastructure to version 7.0.0. On my elasticsearch nodes, I have also upgraded the filebeat component. The configuration is quite simple, I have only activated the elasticsearch module to index elasticsearch logs. I don't harvest any other logs.
By doing like this, I see that the filebeat log is not written in /var/log/filebeat/filebeat but directly sent to /var/log/messages.
If I disable the elasticsearch module, the /var/log/filebeat/filebeat is created and populated.

Is it the normal behaviour ?

Regards,
Pascal

system · May 31, 2019, 6:32am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat's module using Logstash Beats filebeat	6	3703	November 30, 2017
Filebeat V7.4.1 output.elasticsearch not writing to defined index "logstash" Beats filebeat	6	618	November 26, 2019
No filebeat index in Elasticsearch after running setup Beats filebeat	3	1312	October 16, 2020
Filebeat.yml inputs vs module Beats filebeat	2	287	October 23, 2020
I dont see any filebeat index created on the elastic search Beats	2	818	July 5, 2017

Filebeat 7.0.0

Related topics