I configure filbeat in my client host, and when i configure my filebeat.yml and enable
output.elasticsearh and output.logstash , there is an error when i start my filebeat service.
in the error is : filebeat[18412]: Exiting: error unpacking config data: more than one namespace configured accessing 'output' (source:'/etc/filebeat/filebeat.yml'
cant we enable the output.elasticsearh and output.logstash in same time?
i am using elk 6.2.4
Beats only support an only output at a time, if you need to send events from beats to multiple stores you can use logstash, for that configure beats to send events to logstash and logstash to send the events to multiple outputs.
Yup,only one output at a time.either elasticsearch or logstash
Thank u sir. im new in elk, can u give some advices whis one is better to use, if i want to log my application and service on my client host?
because i read some article that use outpur.logstash and some use output.elasticsearch.
im getting confuse.
Thank u sir. im new in elk, can u give some advices whis one is better to use, if i want to log my application and service on my client host?
because i read some article that use output.logstash and some use output.elasticsearch.
im getting confuse.
In principle if you are starting with the Elastic Stack you probably want to use only Elasticsearch.
You can add Logstash to your architecture if you need more advanced features, like multiple outputs or advanced data filtering. You can also need logstash if you don't want your beats to have direct access to the Elasticsearch cluster. If you add logstash then you use the Logstash output instead of the Elasticsearch one, and have Elasticsearch as an output in Logstash.
oke noted sir, thank you for advices.
i just used elasticsearch ouput, for using filebeat dashboard with variant index, because when i use logstash ouput , there is some index that can't load in dashboard.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.