Ingesting files from host with filebeat

I am following this tutorial here: https://kifarunix.com/install-and-configure-elastic-auditbeat-on-ubuntu-18-04/. Upon running this command:
curl -XGET 192.168.0.106:9200/_cat/indices?v
I do not see auditbeat listed. It does return indexes, but just not that one.

Greeting @droidus

What do you get when you run the below commands? Also I would follow our installation steps. The ones you linked to could be correct but I didn't verify.

service auditbeat status
auditbeat test config
auditbeat test output

` auditbeat.service - Audit the activities of users and processes on your system.
Loaded: loaded (/lib/systemd/system/auditbeat.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2020-11-06 16:25:01 EST; 27min ago
Docs: https://www.elastic.co/products/beats/auditbeat
Main PID: 3726 (auditbeat)
Tasks: 19 (limit: 4915)
Memory: 198.7M
CGroup: /system.slice/auditbeat.service
└─3726 /usr/share/auditbeat/bin/auditbeat --environment systemd -c /etc/auditbeat/auditbeat.yml --path.home /usr/share/audit

Nov 06 16:50:08 my-device auditbeat[3726]: 2020-11-06T16:50:08.194-0500 WARN [process] process/process.go:289
Nov 06 16:50:08 my-device auditbeat[3726]: 2020-11-06T16:50:08.195-0500 WARN [process] process/process.go:289
Nov 06 16:50:28 my-device auditbeat[3726]: 2020-11-06T16:50:28.188-0500 WARN [process] process/process.go:289
Nov 06 16:50:28 my-device auditbeat[3726]: 2020-11-06T16:50:28.188-0500 WARN [process] process/process.go:289
Nov 06 16:50:38 my-device auditbeat[3726]: 2020-11-06T16:50:38.171-0500 INFO [monitoring] log/log.go:145 Non-
Nov 06 16:50:48 my-device auditbeat[3726]: 2020-11-06T16:50:48.238-0500 WARN [process] process/process.go:289
Nov 06 16:51:08 my-device auditbeat[3726]: 2020-11-06T16:51:08.172-0500 INFO [monitoring] log/log.go:145 Non-
Nov 06 16:51:38 my-device auditbeat[3726]: 2020-11-06T16:51:38.170-0500 INFO [monitoring] log/log.go:145 Non-
Nov 06 16:51:48 my-device auditbeat[3726]: 2020-11-06T16:51:48.190-0500 WARN [process] process/process.go:289
Nov 06 16:52:08 my-device auditbeat[3726]: 2020-11-06T16:52:08.176-0500 INFO [monitoring] log/log.go:145 Non-`

For the test config, it just hangs.

logstash: 192.168.0.106:5044... connection... parse host... OK dns lookup... OK addresses: 192.168.0.106 dial up... OK TLS... WARN secure connection disabled talk to server... OK

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.