@Jenni, could you please the process (step by step) to send the data directly to elastic search and used dashboards send by filebeat or built in kibana?
Below is the configuration:
filebeat.inputs:
-
type: log
enabled: truepaths:
- D:\sample_log*
fields:
apache: true
fields_under_root: true
multiline.pattern: '^[[0-9]{4}-[0-9]{2}-[0-9]{2}'
multiline.negate: true
multiline.match: after
filebeat.config.modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: true
setup.template.settings:
index.number_of_shards: 1
setup.kibana:
host: "http://192.168.1.115:5601"
output.elasticsearch:
hosts: ["192.168.1.115:9200"]
username: "user"
password: "123456"
===================LogStash=================================
input
{
beats
{
ssl => false
host => "0.0.0.0"
port => 5044
}
}
output
{
elasticsearch
{
hosts => ["127.0.0.1:9200"]
document_id => "%{logstash_checksum}"
}
}
Finally I was able to send the logs direct to elastic search without any packet loss and found the issue is with FileBeat Version, Previously I were using Non-OSS.
Now, I would like to use apache filebeat module but i am receiving below error:
"No data has been received from this module yet"
Below is the status for uploaded file:
Receiving Error:
I have uploaded all the dashboards.
Could anyone check and let me know next step?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.