Filebeat data not being updated in Kibana

kahn · November 11, 2019, 1:38pm

/var/log/*.log is currently being fetched and rendered in Kibana, but after the initial timestamp for which the index was created, no changing of timestamps or refreshing seems to pull new data in.

I am new to this stack - surely missing something simple. The search filter is on Today and I've updated several times. No new data comes through.

Kibana only seems to see new Filebeat data when the Filebeat service is restarted.

Here is the filebeat.yml:

filebeat:
  prospectors:
    -
      paths:
        - /var/log/*.log
        - /var/log/messages
        - /var/log/secure
      input_type: log
      document_type: syslog
  registry_file: /var/lib/filebeat/registry
output:
  elasticsearch:
    hosts: ["localhost:9200"]
  logstash:
    hosts: ["localhost:5044"]
shipper:
logging:
  files:

exekias · November 15, 2019, 9:49am

Hi @kahn,

You should be seeing a continuous stream of data flowing in. Do you see any error in your Filebeat/Elasticsearch logs?

Best regards

system · December 13, 2019, 11:49am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat appears to be running but not displayed on Kibana Beats filebeat	8	6479	March 21, 2017
Filebeat doesnt update the log file Kibana	5	386	February 21, 2020
Filebeat is not reading updated logfile Beats filebeat	6	1977	July 11, 2016
Facing delay in logs Beats filebeat	2	1124	August 2, 2019
Filebeat did not pass the file to Elasticsearch Beats filebeat	4	529	July 10, 2020

Filebeat data not being updated in Kibana

Related Topics