I'm trying to activate the threatintel filebeat module for mining some data of otx alienvault, my module configuration looks like:
- module: threatintel
otx:
enabled: true
var.input: httpjson
var.url: https://otx.alienvault.com/api/v1/indicators/export
var.api_token: TOKEN
var.first_interval: 24h
var.lookback_range: 2h
var.interval: 60m
But when trying to setup the module:
./filebeat setup --modules threatintel
Exiting: module threatintel is configured but has no enabled filesets
The module worked well on 7.15.0, now on 8.2 gives me the error above.
ibra_013
May 6, 2022, 10:36am
2
Hi,
did you run the command ?
filebeat modules enable threatintel
Solved. some modules now not requires run the setup script to work. Works directly executing filebeat and puts the pipelines and templates if not set yet on Elasticsearch.
hello, I setup my filebeat on kubernetes.
and I need kafka module but still not find references."module kafka is configured but has no enabled filesets"
please explain more information, detail
It's no the same module, I simple configured my threatintel module as doc says. But i have no idea about kafka module
thank you. I found the cause my kafka version is latest so module does not support.
system
June 17, 2022, 2:48am
8
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
