Make idices

majidbarz · May 24, 2021, 8:57pm

HI
I use winlogbeats i want to get log from winlogbeats and send to logstash then logstash import to elasticsearch. default in /etc/logstash/conf.d doesnt exist winlogbeat and i use pipelines.yaml and make new file but i cant recive log and i do this thing from this [video] (How to processing log files using Filebeat, Logstash and Kibana - ElasticStack - YouTube) but in Index Management doesnt make winlogbeat

and in log of logstash get this
[2021-05-24T20:39:25,152][WARN ][org.logstash.instrument.metrics.gauge.LazyDelegatingGauge][winlogbeats] A gauge metric of an unknown type (org.jruby.RubyArray) has been create for key: cluster_uuids. This may result in invalid serialization.
please help me

charles97 · May 25, 2021, 2:07am

Hi,
I assume you have configure winlogbeat output to logstash by following this Instruction, and I assume this is new index.

What happens when you run your logstash without pipelines.yml
/usr/share/logstash/bin/logstash -f (yourconf).conf

To make everything easier, you might want to show your winlogbeat.yml and logstash.conf

system · June 22, 2021, 2:07am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.