Importing logs using metricbeat

Hi i am new to elk....can someone help me what if I disable the logstash output and enable elasticsearch output in metricbeat.yml while importing data from different servers using metricbeat?

Hi @Vikash_Singh1 :slight_smile:

I'm afraid I don't understand the question well. You can either configure output to Elasticsearch or to Logstash and you can do it with Metricbeat, yes, from different servers. https://www.elastic.co/guide/en/beats/metricbeat/current/metricbeat-getting-started.html

In any case, reading the title of your question, logs must be imported with Filebeat https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-getting-started.html

can we create filters while importing logs from elasticsearch??

Hi @Vikash_Singh1

Still the question is a bit confusing because this is the forum for Metricbeat so we it's expected to receive metrics questions.

If you are working with logs, you should look at Filebeat but, in any case, if you want to extract logs FROM Elasticsearch while creating filters, that's just plain querying to Elasticsearch https://www.elastic.co/guide/en/elasticsearch/reference/current/search-search.html without involving Metricbeat or Filebeat.

If what you want is to import logs TO Elasticsearch and perform some filtering to them, then you should look at Logstash https://www.elastic.co/products/logstash or the Ingest Node https://www.elastic.co/products/logstash

How can I write/define filters for metricbeat?

https://www.elastic.co/guide/en/beats/metricbeat/current/filtering-and-enhancing-data.html

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.