When I'm Running FileBeat to Send the Log File from path
using the following filebeat.yml file
filebeat.prospectors:
type: log
type: log
C:\ProgramData\Elastic\Elasticsearch\logs\elasticsearch.log
Array of hosts to connect to.
hosts: ["localhost:9200"]
No Index is Created in ElasticSearch and on Using the Packet Filtering to find where all the data was going it was sending /get request on http://localhost:9200/.kibana/_mappings is that normal or does that has to do anything with setup.kibana in .yml file
adrisr
June 6, 2018, 4:37pm
2
Can you paste your configuration using the </> button so it's legible?
filebeat.prospectors:
- type: log
enabled: false
paths:
- C:\ProgramData\Elastic\Elasticsearch\logs\elasticsearch.log
filebeat.config.modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: false
setup.template.settings:
index.number_of_shards: 3
setup.kibana:
output.elasticsearch:
hosts: ["localhost:9200"]
Hi,
Please set this parameter true in your config file as it will enable the prospector and try it with restart your services.
And please be ensure that your elasticsearch running on localhost or provide your elasticsearch IP in below section.
If you still are getting error then please share filebeat logs to identify the issue.
log file path: /var/log/filebeat/filebeat
Regards,
Tried Using Enabled True and and checked for Hosts settings , have installed the filebeat as service in the windows services so have restarted it multiple times but the filebeat is not creating any logs
//I'm a beginner need a basic 101 example of setting up filebeat to send logs to elasticsearch any step by step tutorial on that ?
Could you please share the filebeat logs while starting service. it will be easy to understand your issue and help me to resolve.
Regards,
Here is my Filebeat Log File
filebeat.log
2018-06-07T13:28:35.061+0530 INFO instance/beat.go:468 Home path: [C:\Program Files (x86)\ELK\filebeat] Config path: [C:\Program Files (x86)\ELK\filebeat] Data path: [C:\Program Files (x86)\ELK\filebeat\data] Logs path: [C:\Program Files (x86)\ELK\filebeat\logs]
2018-06-07T13:28:35.070+0530 INFO instance/beat.go:475 Beat UUID: 4f256bbb-e649-4518-a5ae-63f0e7b349c3
2018-06-07T13:28:35.070+0530 INFO instance/beat.go:213 Setup Beat: filebeat; Version: 6.2.4
2018-06-07T13:28:35.071+0530 INFO elasticsearch/client.go:145 Elasticsearch url: http://localhost:9200
2018-06-07T13:28:35.071+0530 INFO pipeline/module.go:76 Beat name: HarshitWin10
2018-06-07T13:28:35.072+0530 WARN [cfgwarn] instance/beat.go:283 DEPRECATED: -configtest flag has been deprecated, use configtest subcommand Will be removed in version: 6.0
2018-06-07T13:28:35.072+0530 INFO [monitoring] log/log.go:97 Starting metrics logging every 30s
2018-06-07T13:28:35.192+0530 INFO [monitoring] log/log.go:132 Total non-zero metrics {"monitoring": {"metrics": {"beat":{"cpu":{"system":{"ticks":46,"time":46},"total":{"ticks":46,"time":46,"value":46},"user":{"ticks":0,"time":0}},"info":{"ephemeral_id":"f5af6bd2-dd1f-4377-8b88-2a4d53259aad","uptime":{"ms":47}},"memstats":{"gc_next":4194304,"memory_alloc":2890472,"memory_total":2890472,"rss":17211392}},"filebeat":{"harvester":{"open_files":0,"running":0}},"libbeat":{"config":{"module":{"running":0}},"output":{"type":"elasticsearch"},"pipeline":{"clients":0,"events":{"active":0}}},"registrar":{"states":{"current":0}},"system":{"cpu":{"cores":4}}}}}
2018-06-07T13:28:35.192+0530 INFO [monitoring] log/log.go:133 Uptime: 167.1134ms
2018-06-07T13:28:35.192+0530 INFO [monitoring] log/log.go:110 Stopping metrics logging.
is your elasticsearch install on same node or different node??
Same Node (Everything is installed Locally on same System)
After Changing it to
From Original- without space after bracket it started working ,and also changed the location of Log Directory
hosts: ["localhost:9200"]
system
July 5, 2018, 1:01pm
13
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.