Thhis is my filebeat.yml -
_ # - /etc/pki/tls/certs/logstash-beats.crt_
For a starter, it will be dependant on the version of Elastic Stack you are using. For example, looking at your config file, in the latest version of Elastic Stack "prospectors" are deprecated in favor of "inputs". Secondly, under "output", you will need to provide Eleasticsearch username & password.
Here are a few suggestions:
- In non-swarm mode, here is an example on how to run Filebeat docker container: https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html
- Ensure you bind mount volumes (locations of logs that are to be shipped to Elasticsearch) as part of your docker run command
- You will need to look at the config reference file at https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-reference-yml.html and configure filebeat as per your scenario
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.