Fitebeat 6.3.1 system module issue

shaunak · July 25, 2018, 8:29pm

Alright, lets try one more thing.

Run curl -XDELETE "http://localhost:9200/_ingest/pipeline/filebeat-*"
Edit your filebeat.yml and add: filebeat.overwrite_pipelines: true
Start up filebeat

In your filebeat logs, check if you have two lines like these:

2018-07-25T13:29:18.570-0700    INFO    fileset/pipelines.go:62 Elasticsearch pipeline with ID 'filebeat-6.3.1-system-auth-pipeline' loaded
2018-07-25T13:29:18.591-0700    INFO    fileset/pipelines.go:62 Elasticsearch pipeline with ID 'filebeat-6.3.1-system-syslog-pipeline' loaded

Run curl -XGET "http://localhost:9200/_ingest/pipeline/file*syslog*" and post it's response here.

Topic		Replies	Views
Filebeat 6.3.2 syslogs are not logging to elastcisearch Beats filebeat	15	978	October 30, 2018
Filebeat 7.3 Timezone Issues with System Module Beats filebeat	6	1007	September 18, 2019
Filebeat system module auth log timezone conversion problem Beats filebeat	7	2318	August 16, 2018
Filebeat 6.2.1 system module does not convert timestamp with timezone Beats filebeat	3	4639	March 13, 2018
Filebeat 6.4.2 the timestamp is not right Beats filebeat	6	2258	November 15, 2018

Fitebeat 6.3.1 system module issue

Related topics