Filebeat logging data from disabled modules

johnc1231 · July 25, 2019, 7:44pm

I am running filebeat as a DaemonSet on my Kubernetes cluster. The following is my configuration file:

filebeat.modules:
filebeat.inputs:
- type: container
  paths:
    - /var/log/containers/*.log
  processors:
    - add_kubernetes_metadata:
        in_cluster: true
        host: ${NODE_NAME}
        matchers:
        - logs_path:
            logs_path: "/var/log/containers/"
processors:
  - decode_json_fields:
        fields: ["message"]
        process_array: false
        max_depth: 1
        target: "json-message"
        overwrite_keys: false
  - add_cloud_metadata:

output.elasticsearch:
  hosts: ['${ELASTICSEARCH_HOST:elasticsearch}:${ELASTICSEARCH_PORT:9200}']
  username: ${ELASTICSEARCH_USERNAME}
  password: ${ELASTICSEARCH_PASSWORD}
setup.ilm.enabled: true
setup.ilm.rollover_alias: "filebeat"
setup.ilm.pattern: "{now/d}-000001"
setup.ilm.overwrite: true

Despite the fact that I have no modules specified, I'm somehow seeing every module's output enabled when I look at the filebeat elasticsearch index in kibana. Like I see fields for apache and cisco modules which I do not care about. Any idea why this would happen?

system · August 22, 2019, 7:44pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Modules system and nginx is not showing any data when looking in discover Beats filebeat	3	182	August 31, 2023
Filebeat on Kubernetes - How to get relevant kuberntes information into logs? Beats filebeat	2	451	January 6, 2020
"stdout only" logs not captured in filebeat while display file with kubectl logs pod Beats filebeat	1	323	January 17, 2023
Logging now working Beats filebeat	1	243	November 25, 2019
Filebeat as Daemonset for all Kubernetes Logs (including nginx) Beats filebeat	4	4109	March 2, 2019

Filebeat logging data from disabled modules

Related Topics