Log Forwarding not working from any clients

Hi All,

I'm facing some weird situation. Recently, I installed ELK on Redhat which was successful. Now, I installed filebeat on client machine (Redhat) and log forwarding was happening, then went further and installed filebeat on second client machine (Suse) and that happened successful too. But after a day, I realized that log forwarding was not happening from redhat machine, Somehow I solved that case, but log forwarding has stopped from second machine Suse.

Right now, the situation is like log forwarding is happening only from one machine.

Apart, from that in output of curl -XGET 'http://localhost:9200/filebeat-*/_search?pretty' , there is only one client/hostname getting displayed.

Please help me !!!

Thank You

Could you check if the UUID in the meta.json file is the same?

Sorry, but can you please let me know how . I'm unaware

It is located under /var/lib/filebeat.

Hi Noemi,

Contents of meta.json is different for both filebeat client machines.

Hi Noemi,

Issue is bit different. Actually, log forwarding is not happening from any server. As soon as I delete and recreate /var/lib/filebeat/registry file on client machine, logs forwarding would start for some seconds and stops after that. Tried multiple times, but log forwarding is not happening from any machine.

Issue resolved. It was my bad:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.