Filebeat logging data from disabled modules

johnc1231 · July 25, 2019, 7:44pm

I am running filebeat as a DaemonSet on my Kubernetes cluster. The following is my configuration file:

filebeat.modules:
filebeat.inputs:
- type: container
  paths:
    - /var/log/containers/*.log
  processors:
    - add_kubernetes_metadata:
        in_cluster: true
        host: ${NODE_NAME}
        matchers:
        - logs_path:
            logs_path: "/var/log/containers/"
processors:
  - decode_json_fields:
        fields: ["message"]
        process_array: false
        max_depth: 1
        target: "json-message"
        overwrite_keys: false
  - add_cloud_metadata:

output.elasticsearch:
  hosts: ['${ELASTICSEARCH_HOST:elasticsearch}:${ELASTICSEARCH_PORT:9200}']
  username: ${ELASTICSEARCH_USERNAME}
  password: ${ELASTICSEARCH_PASSWORD}
setup.ilm.enabled: true
setup.ilm.rollover_alias: "filebeat"
setup.ilm.pattern: "{now/d}-000001"
setup.ilm.overwrite: true

Despite the fact that I have no modules specified, I'm somehow seeing every module's output enabled when I look at the filebeat elasticsearch index in kibana. Like I see fields for apache and cisco modules which I do not care about. Any idea why this would happen?

system · August 22, 2019, 7:44pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Modules system and nginx is not showing any data when looking in discover Beats filebeat	3	182	August 31, 2023
Filebeat on Kubernetes - How to get relevant kuberntes information into logs? Beats filebeat	2	451	January 6, 2020
Logging now working Beats filebeat	1	243	November 25, 2019
Filebeat as Daemonset for all Kubernetes Logs (including nginx) Beats filebeat	4	4113	March 2, 2019
Filebeat unable obtain kubernetes metadata Beats docker , filebeat	2	888	September 23, 2020

Filebeat logging data from disabled modules

Related topics