Hi Team, I have a 2-node Elasticsearch cluster on Docker. I have enabled slow logs, and the log files are stored at /var/log/elasticsearch/<cluster_name>_index_indexing_slowlog.log
so I configured Filebeat as follows:
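# External module configuration files. The paste lost its indentation; the
# nesting below restores `modules` as a child of `filebeat.config`.
filebeat.config:
  modules:
    # Glob of per-module config files under the Filebeat config directory.
    path: ${path.config}/modules.d/*.yml
    # Files matching the glob are read once at startup, not watched for changes.
    reload.enabled: false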
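# Elasticsearch module: one entry in the module list, with the `server` and
# `slowlog` filesets nested under it (nesting restored from the flattened paste).
filebeat.modules:
  - module: elasticsearch
    server:
      enabled: true
      var.paths:
        - /var/log/elasticsearch/*.json
    slowlog:
      enabled: true
      var.paths:
        # Search slow log.
        - /var/log/elasticsearch/*_index_search_slowlog.log
        # Indexing slow log. A search-only glob never matches files named
        # <cluster_name>_index_indexing_slowlog.log, so those events would not
        # be shipped.
        - /var/log/elasticsearch/*_index_indexing_slowlog.log
        # NOTE(review): the server fileset reads *.json while this one reads
        # *.log. Confirm which format the slow log is actually written in.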
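# Ships harvested events to the two Elasticsearch nodes over HTTPS
# (nesting restored from the flattened paste).
output.elasticsearch:
  enabled: true
  hosts:
    - "localhost:9200"
    - "localhost:9400"
  protocol: "https"
  username: "uname"
  # Avoid a literal password in this file. A Filebeat keystore entry can be
  # referenced instead, e.g. password: "${ES_PWD}" (ES_PWD is a constructed
  # name). Also keep the file readable only by the Filebeat user.
  password: "pwd"
  # Distribute events across both hosts instead of sending to only one.
  loadbalance: true
  # verification_mode "none" turns off certificate and hostname checks, so
  # Filebeat sends the credentials above to whatever endpoint answers on these
  # ports. Prefer trusting the cluster CA instead, for example:
  #   ssl.verification_mode: full
  #   ssl.certificate_authorities: ["/path/to/ca.crt"]  # placeholder path
  ssl.verification_mode: none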
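# Kibana endpoint used by Filebeat setup, e.g. for loading dashboards
# (nesting restored from the flattened paste).
setup.kibana:
  # No scheme is given, so the connection uses Filebeat's default protocol for
  # Kibana (http). If Kibana serves TLS, set setup.kibana.protocol: "https" so
  # the credentials below are not sent in clear text.
  host: "localhost:5601"
  username: "uname"
  # Same credential-handling concern as any literal password in this file:
  # prefer a keystore reference such as "${KIBANA_PWD}" (constructed name).
  password: "pwd"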
# ================================== Logging ===================================
#logging.to_files: true
#logging.files:
# Configure the path where the logs are written. The default is the logs directory
# under the home path (the binary location).
# path: /var/log/filebeat
# The name of the files where the logs are written to.
# name: filebeat
# ============================= X-Pack Monitoring ==============================
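# Filebeat self-monitoring: sends Filebeat's own metrics to the cluster below.
monitoring.enabled: true
# UUID of the Elasticsearch cluster these metrics are associated with
# (redacted in the post).
monitoring.cluster_uuid: "xxxxxxxxxxxxxxxx"
# Connection settings for the monitoring cluster (nesting restored from the
# flattened paste).
monitoring.elasticsearch:
  hosts:
    - "localhost:9200"
    - "localhost:9400"
  protocol: "https"
  username: "uname"
  # Prefer a keystore reference such as "${ES_PWD}" (constructed name) over a
  # literal password stored in this file.
  password: "pwd"
  # verification_mode "none" skips certificate and hostname validation, so the
  # monitoring credentials can be presented to an unauthenticated endpoint.
  # Prefer:
  #   ssl.verification_mode: full
  #   ssl.certificate_authorities: ["/path/to/ca.crt"]  # placeholder path
  ssl.verification_mode: none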
#migration.6_to_7.enabled: false
But in Kibana I am unable to see the slow logs; I can see only the server logs in the cluster monitoring tab.