Filebeat data not being updated in Kibana

kahn · November 11, 2019, 1:38pm

/var/log/*.log is currently being fetched and rendered in Kibana, but after the initial timestamp for which the index was created, no changing of timestamps or refreshing seems to pull new data in.

I am new to this stack - surely missing something simple. The search filter is on Today and I've updated several times. No new data comes through.

Kibana only seems to see new Filebeat data when the Filebeat service is restarted.

Here is the filebeat.yml:

filebeat:
  prospectors:
    -
      paths:
        - /var/log/*.log
        - /var/log/messages
        - /var/log/secure
      input_type: log
      document_type: syslog
  registry_file: /var/lib/filebeat/registry
output:
  elasticsearch:
    hosts: ["localhost:9200"]
  logstash:
    hosts: ["localhost:5044"]
shipper:
logging:
  files:

exekias · November 15, 2019, 9:49am

Hi @kahn,

You should be seeing a continuous stream of data flowing in. Do you see any error in your Filebeat/Elasticsearch logs?

Best regards

system · December 13, 2019, 11:49am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Not getting the filebeat updated in real-time on the kibana dashboard Kibana	6	2926	July 6, 2017
Filebeat appears to be running but not displayed on Kibana Beats filebeat	8	6489	March 21, 2017
Filebeat doesnt update the log file Kibana	5	386	February 21, 2020
No new data shown in Kibana Kibana	4	851	June 8, 2017
Kibana doesn't update properly once filebeat is stopped for sometime Beats filebeat	1	263	March 23, 2020

Filebeat data not being updated in Kibana

Related topics