Filebeat modules Threatintel "Exiting: module threatintel is configured but has no enabled filesets"

I'm trying to activate the threatintel filebeat module for mining some data of otx alienvault, my module configuration looks like:

- module: threatintel
  otx:
    enabled: true
    var.input: httpjson
    var.url: https://otx.alienvault.com/api/v1/indicators/export
    var.api_token:  TOKEN
    var.first_interval: 24h
    var.lookback_range: 2h
    var.interval: 60m

But when trying to setup the module:

./filebeat setup --modules threatintel
Exiting: module threatintel is configured but has no enabled filesets

The module worked well on 7.15.0, now on 8.2 gives me the error above.

Hi,

did you run the command ?

filebeat modules enable threatintel

Solved. some modules now not requires run the setup script to work. Works directly executing filebeat and puts the pipelines and templates if not set yet on Elasticsearch.

hello, I setup my filebeat on kubernetes.

and I need kafka module but still not find references.
and every run returns to me error
"module kafka is configured but has no enabled filesets"

please explain more information, detail

It's no the same module, I simple configured my threatintel module as doc says. But i have no idea about kafka module :frowning:

thank you. I found the cause my kafka version is latest so module does not support.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.