@Jenni, could you please the process (step by step) to send the data directly to elastic search and used dashboards send by filebeat or built in kibana?

@Jenni,

Below is the configuration:

filebeat.inputs:

• type: log
  enabled: true

  paths:
  - D:\sample_log*

fields:
apache: true
fields_under_root: true
multiline.pattern: '^[[0-9]{4}-[0-9]{2}-[0-9]{2}'
multiline.negate: true
multiline.match: after

filebeat.config.modules:

path: ${path.config}/modules.d/*.yml
reload.enabled: true

setup.template.settings:
index.number_of_shards: 1

setup.kibana:
host: "http://192.168.1.115:5601"

output.elasticsearch:

hosts: ["192.168.1.115:9200"]
username: "user"
password: "123456"

===================LogStash=================================

input
{
beats
{
ssl => false
host => "0.0.0.0"
port => 5044
}

}

output
{
elasticsearch
{
hosts => ["127.0.0.1:9200"]
document_id => "%{logstash_checksum}"
}
}

@kelk and @Jenni @kvch

Finally I was able to send the logs direct to elastic search without any packet loss and found the issue is with FileBeat Version, Previously I were using Non-OSS.

Now, I would like to use apache filebeat module but i am receiving below error:

"No data has been received from this module yet"

Below is the status for uploaded file:

image986×71 4.38 KB

image1572×389 33.1 KB

Receiving Error:

image765×83 4.68 KB

I have uploaded all the dashboards.

Could anyone check and let me know next step?