Hi, I'm trying to setup a metricbeat on a MacBook for test purposes.
My ELK Stack is running in docker dontainers (docker-elk) which I updated to 7.4.2.
I setup the metricbeat in Kibana, setup the dashboards and the metricbeat index is showing up in the elasticsearch index management.
I can start the metricbeat without any problem on my Mac but it's data won't show up in elasticsearch:
curl -XGET 'http://localhost:9200/metricbeat-*/_search?pretty'
{
"took" : 1,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 0,
"relation" : "eq"
},
"max_score" : null,
"hits" :
}
}
I tested the metricbeat config, modules and the output. Everything seems to be fine. I'm also just running the system module with the standard config.yml
Here is my metricbeat.yml :
#========================= Central Management =================================
# Beats is configured under central management, you can define most settings
# from the Kibana UI. You can update this file to configure the settings that
# are not supported by Kibana Beats management.
management:
enabled: true
period: 1m0s
events_reporter:
period: 30s
max_batch_size: 1000
access_token: ${management.accesstoken}
kibana:
protocol: http
host: localhost:5601
ssl: null
timeout: 10s
ignoreversion: true
blacklist:
output: console|file
logging.level: info
logging.to_files: true
logging.files:
path: /var/log/metricbeat
name: metricbeat
keepfiles: 7
permissions: 0644
metricbeat.config.modules:
path: ${path.config}/modules.d/*.yml
#----------------------------- Elasticsearch output -------------------------
output.elasticsearch:
hosts: ["localhost:9200"]
username: "elastic"
password: "changeme"
#----------------------------- Kibana output --------------------------------
setup.kibana:
host: "localhost:5601"
username: "elastic"
password: "changeme"
dashboards.enabled: false
#----------------------------- Logstash output --------------------------------
# output.logstash:
# hosts: ["localhost:5044"]
# username: "elastic"
# password: "changeme"
#================================ General =====================================
# The name of the shipper that publishes the network data. It can be used to group
# all the transactions sent by a single shipper in the web interface.
#name:
# The tags of the shipper are included in their own field with each
# transaction published.
#tags: ["service-X", "web-tier"]
# Optional fields that you can specify to add additional information to the
# output.
#fields:
# env: staging
#================================ Logging =====================================
# Sets log level. The default log level is info.
# Available log levels are: error, warning, info, debug
#logging.level: debug
# At debug level, you can selectively enable logging only for some components.
# To enable all selectors use ["*"]. Examples of other selectors are "beat",
# "publish", "service".
#logging.selectors: ["*"]
#============================== X-Pack Monitoring ===============================
# metricbeat can export internal metrics to a central Elasticsearch monitoring
# cluster. This requires xpack monitoring to be enabled in Elasticsearch. The
# reporting is disabled by default.
# Set to true to enable the monitoring reporter.
#monitoring.enabled: false
# Uncomment to send the metrics to Elasticsearch. Most settings from the
# Elasticsearch output are accepted here as well.
# Note that the settings should point to your Elasticsearch *monitoring* cluster.
# Any setting that is not set is automatically inherited from the Elasticsearch
# output configuration, so if you have the Elasticsearch output configured such
# that it is pointing to your Elasticsearch monitoring cluster, you can simply
# uncomment the following line.
#monitoring.elasticsearch:
I could really use some help.
Thanks in advance.