I am using following elk components:
kibana 6.8.0
logstash 6.8.1
filebeat 7.3
I enabled mongodb modules for filebeat and now i can see mongo logs in kibana but i don't see any exported fields of mongodb module like "mongodb.log.message". I have same problems with elasticsearch module. Do i miss something? Should i change in logstash config?
Hi @Saeed_MH and welcome 
There are a couple of things that could be causing your problems.
First thing is the products compatibility, even if Filebeat 7.3 may work with these versions of Kibana, Elasticsearch and Logstsah, they are not supported to work together, so you would need to upgrade the stack to 7.X, or use Filebeat 6.8. Please check the compatibility matrix in https://www.elastic.co/support/matrix#matrix_compatibility
The other thing that can be happening is that logs collected by Filebeat modules are processed by Elasticsearch ingest pipelines. When Filebeat has direct access to Elasticsearch it can take care of installing the pipelines as needed, but if you are using Logstash as the output for Filebeat, you need to manually setup the pipelines. You can find more information about this in the documentation: https://www.elastic.co/guide/en/logstash/7.3/filebeat-modules.html
Thank's for your helps. I didn't config logstash for piplines and that was the problem.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.