Filebeat 7.10 aws cloudtrail is not parsing the output as shown in documentation

Anwar · February 24, 2022, 3:54am

Hi,

I have configured aws clodutrail module using filebeat to push the logs to Elasticsearch. Logs are pushed to the elk. But am facing two issues.

Messages are showing in string instead of json
If i used processor and changed message to string. But the dashboard for cloudtrail is not satisfied with default ingest grok pattern.
Please help me to view the output in dashboard.

legoguy1000 · February 24, 2022, 5:21am

Can u show what ur getting? The original message should be in event.original. Can you show any errors or log messages from Filebeat?

system · March 24, 2022, 5:21am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat ingest Beats docker , beats-module	1	266	March 25, 2022
Filebeat loses or doesn't deliver messages from AWS CloudTrail Beats filebeat	4	229	May 13, 2024
Filebeat and AWS Module unable to get CloudTrail logs Beats beats-module , filebeat	2	1416	June 25, 2020
Filebeat is not sending any logs to logstash please help urgent! Beats filebeat	14	487	July 10, 2024
Filebeat's module using Logstash Beats filebeat	6	3703	November 30, 2017