Filebeat and ingest node error

Marcello_A · May 9, 2017, 2:08pm

Hi All,
I installed the latest filebeat 5.4.0 on a CentOS 7 server and i tried to parse the auditd file with the specific module and i redirect the output to an elasticsearch 5.4.0 instance. I noticed an error fro filebeat related to the bulk operation and on elasticsearch i recived this exception:

 [2017-05-09T16:07:26,508][WARN ][r.suppressed             ] path: /_bulk, params: {}
java.lang.IllegalStateException: There are no ingest nodes in this cluster, unable to forward request to an ingest node.

Could you confirm if an ingest node it's required for this module?

Thanks,
Marcello

steffens · May 9, 2017, 2:13pm

All parsing in filebeat modules is done via ingest node.

Marcello_A · May 10, 2017, 7:33am

Thanks for the node it's working now.

Marcello

Topic		Replies	Views
Metricbeat problem with Ingest Node Beats	2	298	July 31, 2019
Ingest node, what's the deal? It's required ?! Elasticsearch	10	8143	April 21, 2017
Dedicated Ingest Node ES Elasticsearch	1	346	June 24, 2020
Ingest node or logstash Elasticsearch	5	477	October 20, 2019
No ingest node in the cluster Elasticsearch	3	1566	November 19, 2020

Filebeat and ingest node error

Related topics