Make idices

majidbarz · May 24, 2021, 8:57pm

HI
I use winlogbeats i want to get log from winlogbeats and send to logstash then logstash import to elasticsearch. default in /etc/logstash/conf.d doesnt exist winlogbeat and i use pipelines.yaml and make new file but i cant recive log and i do this thing from this [video] (How to processing log files using Filebeat, Logstash and Kibana - ElasticStack - YouTube) but in Index Management doesnt make winlogbeat

and in log of logstash get this
[2021-05-24T20:39:25,152][WARN ][org.logstash.instrument.metrics.gauge.LazyDelegatingGauge][winlogbeats] A gauge metric of an unknown type (org.jruby.RubyArray) has been create for key: cluster_uuids. This may result in invalid serialization.
please help me

charles97 · May 25, 2021, 2:07am

Hi,
I assume you have configure winlogbeat output to logstash by following this Instruction, and I assume this is new index.

What happens when you run your logstash without pipelines.yml
/usr/share/logstash/bin/logstash -f (yourconf).conf

To make everything easier, you might want to show your winlogbeat.yml and logstash.conf

Topic		Replies	Views
Logs don't show up when trying to use logstash Logstash docker	16	676	October 3, 2022
Unable to get winlogbeat to send to logstash Beats winlogbeat	29	6002	May 25, 2017
Changing winlogbeat from elasticsearch to logstash Beats winlogbeat	3	327	February 10, 2024
No matching indices found: No indices match pattern "winlogbeat-*" Beats winlogbeat	4	1434	April 29, 2019
Winlogbeat via Logstash into Elasticsearch Logstash	18	7782	July 22, 2017

Make idices

Related topics