Filebeat is not sending data to Elasticsearch

solo · March 14, 2018, 2:07pm

I have a standard Ubuntu 17.10 installation.
I've installed elasticsearch, kibana and filebeat.
Filebeat is processing data from a log file named fuse.log, but it is not sending it to Elasticsearch.
I'm not sure where it is sending it...

Log output: https://pastebin.com/5Y7tByxn

Here is my /etc/filebeat/filebeat.yml:

#=========================== Filebeat prospectors =============================

filebeat.prospectors:

# Each - is a prospector. Most options can be set at the prospector level, so
# you can use different prospectors for various configurations.
# Below are the prospector specific configurations.

- type: log

  # Change to true to enable this prospector configuration.
  enabled: true

  # Paths that should be crawled and fetched. Glob based paths.
  paths:
    - /home/sindre/Temp/FileBeatInput/*.log
    #- c:\programdata\elasticsearch\logs\*

#============================= Filebeat modules ===============================

filebeat.config.modules:
  # Glob pattern for configuration loading
  path: ${path.config}/modules.d/*.yml

  # Set to true to enable config reloading
  reload.enabled: false

  # Period on which files under path should be checked for changes
  #reload.period: 60s

#==================== Elasticsearch template setting ==========================

setup.template.settings:
  index.number_of_shards: 3
  #index.codec: best_compression
  #_source.enabled: false


# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.
# This requires a Kibana endpoint configuration.
setup.kibana:

  # Kibana Host
  # Scheme and port can be left out and will be set to the default (http and 5601)
  # In case you specify and additional path, the scheme is required: http://localhost:5601/path
  # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
host: "localhost:5601"


#================================ Outputs =====================================

# Configure what output to use when sending the data collected by the beat.

#-------------------------- Elasticsearch output ------------------------------
output.elasticsearch:
  # Array of hosts to connect to.
  hosts: ["localhost:9200"]

  # Optional protocol and basic auth credentials.
  #protocol: "https"
  #username: "elastic"
  #password: "changeme"

ruflin · March 15, 2018, 11:53am

The part of the log you shared all looks normal. Why do you think the data does not arrive on the Elasticsearch side?

solo · March 15, 2018, 2:46pm

I managed to get it working.
It was the user owner of the folders in Linux.

system · April 12, 2018, 2:47pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat --> Logstash works but directly to Elasticsearch = nothing Beats filebeat	5	542	April 10, 2018
Filebeat is not sending data to logstash from windows client Logstash	2	1197	January 10, 2018
Filebeat, Kibana and ElasticSearch are configured, but not reading log files Beats filebeat	6	1491	August 14, 2020
Filebeat not sending data to Elasticsearch or Logstash Beats filebeat	3	7413	May 2, 2018
I have installed File beat 7.17.3 version on a Windows server, it is not getting the logs to the ELK Server Elasticsearch	2	210	August 11, 2022

Filebeat is not sending data to Elasticsearch

Related topics