Filebeat statup error

Joe_Yang · August 2, 2017, 8:22am

Following this offical doc(https://www.elastic.co/guide/en/logstash/5.4/advanced-pipeline.html) to run filebeat hits the folllowing error:

./filebeat -e -c filebeat.yml -d "publish"

2017/08/02 08:15:24.372074 output.go:109: DBG output worker: publish 50 events
2017/08/02 08:15:24.451565 single.go:140: ERR Connecting error publishing events (retrying): Get http://localhost:5043: read tcp 127.0.0.1:36296->127.0.0.1:5043: read: connection reset by peer

first-pipeline.conf:
input {
beats {
port => "5043"
}
}
filter {
grok {
match => { "message" => "%{COMBINEDAPACHELOG}"}
}
geoip {
source => "clientip"
}
}
output {
elasticsearch {
hosts => [ "localhost:9200" ]
}
}

filebeat.prospectors:

input_type: log
- /home/mysqlmove/logstash-5.5.1/*.log
  output.elasticsearch:
  hosts: ["localhost:5043"]

any advice wourld be appreciated

magnusbaeck · August 2, 2017, 8:37pm

If you want Filebeat to send to Logstash you need to configure it to use a Logstash output instead of an Elasticsearch output.

https://www.elastic.co/guide/en/beats/filebeat/current/config-filebeat-logstash.html

system · August 30, 2017, 8:38pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeats: ERR Connecting error publishing events Logstash	2	3174	June 29, 2017
Filebeat write:connection reset by peer Beats filebeat	9	12361	February 23, 2018
Filebeat error failed to publish events caused connection reset by peer Beats filebeat	6	9989	April 27, 2021
Filebeat connection reset by peer - new install Beats filebeat	9	5557	March 6, 2017
Connection reset by peer Beats filebeat	2	362	September 17, 2021

Filebeat statup error

Related topics