Linux file beat configuration not working

Kannan_Rajendran · September 9, 2021, 5:22am

i'm trying to take log from linux machine with oracle database installed. Based on the below configuration the filebeat doesn't pull any info to elastic search.

filebeat.inputs:
- type: log
  enabled: true
  paths:
    - /u01/app/oracle/diag/rdbms/trace/alert_oracle*.log
  fields:
   log-type: "oracledb"
   log-subtype: "alertlog"
   customer: "default"
   n4-type: "dbalert"
  multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2}'
  multiline.negate: true
  multiline.match: after
  ignore_older: 168h
  close_inactive: 24h

output.logstash:
  hosts: ["logstash host server":5044"]
  loadbalance: true

can anyone advice how the filebeat yml file need to be configured for linux?

ChrsMark · September 9, 2021, 10:18am

Hi @Kannan_Rajendran !

It seems that we are setting Filbeat to send logs to Logstash:

Is this what you want?

system · October 7, 2021, 12:19pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat is running but not sending logs/data to logstash Beats filebeat	2	996	September 4, 2019
Filebeat not reading logs from log files .Non-zero metrics in the last 30s Beats filebeat	8	976	August 8, 2018
Filebeat dont work properly Beats filebeat	17	1703	June 15, 2020
Filebeat is not sending the log data to Elasticsearch Beats	1	1332	December 10, 2018
Filebeat, Kibana and ElasticSearch are configured, but not reading log files Beats filebeat	6	1491	August 14, 2020

Linux file beat configuration not working

Related topics