Log Forwarding not working from any clients


(Yashwant Shettigar) #1

Hi All,

I'm facing some weird situation. Recently, I installed ELK on Redhat which was successful. Now, I installed filebeat on client machine (Redhat) and log forwarding was happening, then went further and installed filebeat on second client machine (Suse) and that happened successful too. But after a day, I realized that log forwarding was not happening from redhat machine, Somehow I solved that case, but log forwarding has stopped from second machine Suse.

Right now, the situation is like log forwarding is happening only from one machine.

Apart, from that in output of curl -XGET 'http://localhost:9200/filebeat-*/_search?pretty' , there is only one client/hostname getting displayed.

Please help me !!!

Thank You


(Noémi Ványi) #2

Could you check if the UUID in the meta.json file is the same?


(Yashwant Shettigar) #3

Sorry, but can you please let me know how . I'm unaware


(Noémi Ványi) #4

It is located under /var/lib/filebeat.


(Yashwant Shettigar) #5

Hi Noemi,

Contents of meta.json is different for both filebeat client machines.


(Yashwant Shettigar) #6

Hi Noemi,

Issue is bit different. Actually, log forwarding is not happening from any server. As soon as I delete and recreate /var/lib/filebeat/registry file on client machine, logs forwarding would start for some seconds and stops after that. Tried multiple times, but log forwarding is not happening from any machine.


(Yashwant Shettigar) #7

Issue resolved. It was my bad: