I dont see any filebeat index created on the elastic search

dubul · July 15, 2016, 3:19am

I have changed the output to elasticsearch in filebeat.yml. I dont see any index on elasticsearch and kibana.
i have started filebeat by using the command ./filebeat -e -c filebeat.yml -d "publish". I can see it publishing events, but i dont find logs on the elasticsearch and kibana.

I want to move the file with logs on machine A to machine B[elk server]. Can Anyone help me out in solving the issue. I want to move the logs from the machine A to elk server and get stored and displayed on kibana.

Can anyone guide me in this(I have followed the filebeat way of shipping), and how to give the path for this log files to get stored in elk server ( for example i want to store it in F:\logs

PhaedrusTheGreek · July 20, 2016, 3:16pm

@dubul,

If Filebeat is reporting that events are being published, then perhaps we should double check on Elasticsearch.

You can see the created Indices, and document count with this command:

curl -XGET "http://127.0.0.1:9200/_cat/indices?v"

If you are still having trouble, please post the filebeat output and the curl output here.