Filebeat system module does not send process name

Cruz · August 23, 2023, 4:13am

Does anyone encounter this?

There is no data in field: process name

grfneto · August 23, 2023, 5:28pm

Hi @Cruz

Did you filter events in discovery? Did you check if you have any date/time filters that could harm the dashboard?

A good tip is to confirm if there are process events being collected by the agents, through the discovery module.

Best regards

Cruz · August 23, 2023, 11:49pm

Hi @grfneto, thank you for your kind response.

I tried to filter it on the discovery module but there is no logs found.

What is the problem with this?
my filebeat shipper installed on my test server in Ubuntu OS.
I installed a new Ubuntu OS and tried to setup the filebeat there but encountered the same issue.
I just followed the instruction here Filebeat Installation GUIDE

I am using ELK version 8.7.0 and filebeat is also version 8.7.0

grfneto · August 24, 2023, 7:10pm

Hi @Cruz

Does your filebeat send any data to elasticsearch?

Could you share with us filebeat.yml

stephenb · August 24, 2023, 10:25pm

BTW that is an invalid KQL query should be

process.name: *

system · September 22, 2023, 12:25am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat System module not sending process name when using Logstash as a output Beats filebeat	6	788	March 2, 2021
Filebeat > Kafka > ES > Kibana Beats filebeat	4	383	July 14, 2021
Auditbeat 7.8.0 stuck: process running but no data sent to Elasticsearch Beats auditbeat	1	343	December 11, 2020
Filebeat doesn't send logs to elasticsearch Beats filebeat	3	340	June 21, 2022
Doubts about how exclude events by the process name with filebeat Logs	3	936	January 7, 2022

Filebeat system module does not send process name

Related topics