Fitebeat 6.3.1 system module issue

shaunak · July 25, 2018, 8:29pm

Alright, lets try one more thing.

Run curl -XDELETE "http://localhost:9200/_ingest/pipeline/filebeat-*"
Edit your filebeat.yml and add: filebeat.overwrite_pipelines: true
Start up filebeat

In your filebeat logs, check if you have two lines like these:

2018-07-25T13:29:18.570-0700    INFO    fileset/pipelines.go:62 Elasticsearch pipeline with ID 'filebeat-6.3.1-system-auth-pipeline' loaded
2018-07-25T13:29:18.591-0700    INFO    fileset/pipelines.go:62 Elasticsearch pipeline with ID 'filebeat-6.3.1-system-syslog-pipeline' loaded

Run curl -XGET "http://localhost:9200/_ingest/pipeline/file*syslog*" and post it's response here.

Topic		Replies	Views
Filebeat 6.3.2 syslogs are not logging to elastcisearch Beats filebeat	15	1037	October 30, 2018
Filebeats 6.2.3 system module not sending logs Beats filebeat	21	3816	April 30, 2018
FIlebeat Output Configuration Error Beats filebeat	26	618	September 9, 2024
Filebeat - Syslog module no auth.logs in Elastic Beats filebeat	15	6104	May 6, 2018
Logs time 6 hours behind local time Metrics	32	4538	April 27, 2019

Fitebeat 6.3.1 system module issue

Related topics