I have Installed Filebeat on my application server and ELK stack on another server. I have configured filebeat output to Elasticsearch and I started seeing logs on Kibana. But in few minutes logs stopped shipping. I restarted Filebeat and Application server and again logs started to display on Kibana for few minutes. Could someone please help me what could be the reason for this. Do I need to optimize/fine tune Filebeat or elasticsearch? I am a newbie to ELK. Appreciate your support. Thanks.
The output in filebeat.yml is configured to Elasticsearch only and commented out other fields.
Ruflin, I am not able to paste the full yml file here.
Below is what configured in output,
elasticsearch:
# Array of hosts to connect to.
# Scheme and port can be left out and will be set to the default (http and 9200)
# In case you specify and additional path, the scheme is required: http://localhost:9200/path
# IPv6 addresses should always be defined as: https://[2001:db8::1]:9200
hosts: ["10.30.66.227:9200"]
I have not made any other custom changes to YML file.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.