Logs are being written there. Here are a few lines from the log, just pasting 1 from each step,
[2017-04-21T11:26:29,938][DEBUG][logstash.plugins.registry] On demand adding plugin to the registry {:name=>"beats", :type=>"input", :class=>LogStash::Inputs::Beats}
2017-04-21T02:36:31+05:30 INFO Non-zero metrics in the last 30s: filebeat.harvester.open_files=2 filebeat.harvester.running=2 filebeat.harvester.started=2 libbeat.publisher.published_events=2046
Logs are being written there. Here are a few lines from the log, just pasting 1 from each step,
Okay, but those are just early debug-level logs. Are there any errors or warnings? Is Logstash starting up properly? Do you have any firewall or similar that might be blocking the access? Have you checked with e.g. netstat whether Logstash is in fact listening on the port?
How can we specify the index name when writing from filebeat to logstash and then to elasticsearch ?
It's Logstash that chooses the index name based on the index option of its elasticsearch output.
Have you started a logstash pipeline properly?
Try to start a pipeline using the following command.
And include your configuration options in the first-pipeline.conf file
Go to your bin folder of logstash using the command-line and try to execute the following command and check whether the pipeline has started properly.
C:\elk\logstash-5.1.2\bin>logstash -f first-pipeline.conf --config.reload.automatic
After the pipeline has successfully started following message will be displayed.
11:43:35.045 [[main]-pipeline-manager] INFO logstash.pipeline - Pipeline main started
11:43:35.120 [Api Webserver] INFO logstash.agent - Successfully started Logstash API endpoint {:port=>9600}
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.