Metricbeat and Packetbeat


(Aviral Srivastava) #1

Hi,

My Linux system configuration shows

cat /etc/os-release

NAME="Red Hat Enterprise Linux Server"
VERSION="7.4 (Maipo)"
ID="rhel"
ID_LIKE="fedora"
VARIANT="Server"
VARIANT_ID="server"
VERSION_ID="7.4"
PRETTY_NAME="Red Hat Enterprise Linux Server 7.4 (Maipo)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:7.4:GA:server"
HOME_URL="https://www.redhat.com/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"

REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 7"
REDHAT_BUGZILLA_PRODUCT_VERSION=7.4
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="7.4"

uname -m

x86_64

Can I install any one of them : metricbeat 6.4.0 [ RPM 64-bit ] or metricbeat 6.4.0 [ LINUX 64-bit ] ?
If not then why what does difference will it make, based on my system configuration ?
Similarly for Packetbeat 6.4.0


(Mark Walkom) #2

You should really install using the RPM repo, it will make upgrades easier.


(Aviral Srivastava) #3

Thanks for the reply. I have installed metricbeat-6.4.0-x86_64.rpm

I ran below commands from path: /home/appm
curl -L -O https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-6.4.0-x86_64.rpm
sudo rpm -vi metricbeat-6.4.0-x86_64.rpm

According to the documentation, For rpm and deb, you’ll find the configuration file at `/etc/metricbeat/metricbeat.yml

But metricbeat.yml, is also present at location : /home/appm/metricbeat-6.4.0-linux-x86_64 folder

Why I am getting this at 2 locations and which file to modify ?


(Faulander) #4

Correct location for metricbeat is /etc/metricbeat.
It depends on the service installation, actually it doesn't matter where metricbeat.yml file is located, it's an arguments parsed to the metricbeat executable.

Is your system running with SystemD? Then you can check:
"/etc/systemd/system/multi-user.target.wants/metricbeat.service"
Line:
ExecStart=/usr/share/metricbeat/bin/metricbeat -c /etc/metricbeat/metricbeat.yml

the argument passed with "-c" is the metricbeat.yml used.


(Aviral Srivastava) #5

I started the metricbeat service using below command:
sudo service metricbeat start
Starting metricbeat (via systemctl): [ OK ]

It looks like metricbeat started successfully. But I am not getting any data in my elasticsearch node. I am also not able to access logs from folder /var/log/metricbeat folder
-bash: cd: metricbeat: Permission denied


(system) #6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.