Hi Guys,
I have installed following packages,
metricbeat-5.0.0_alpha4-1.x86_64
logstash-5.0.0~alpha4-1.noarch
kibana-5.0.0_alpha4-1.x86_64
elasticsearch-5.0.0_alpha4-1.noarch
and metricbeat work fine when I send it to elastichseatch directly. However the nodes are sending through logstash dosen't show up in beats dashboard ! do you have any idea how to troubleshoot this.
Thanks
Providing your LS config would be helpful.
Thanks for reply,
I realized the issue is the index.
logsteash index called logstash-* and metricbeat index called metricbeats-*
The dashboard however looks at metricbeats-* index.
Can I chaneg the index name in logstash to be mnetricbeats-* ?
Can I chaneg the index name in logstash to be mnetricbeats-* ?
Yes, use the index option for Logstash's elasticsearch output.
What about the other Beats? Do I need to make different Logstash pipes with each own point of input (say ports 5044-5048) and -output to Elasticsearch with their own specific indexname?
I am fairly new to Elastic Stack (or ELK) and I am a bit confused about the role of Logstash in conjunction with the Beats. Because Beats ships with dashboard you can import easily... But these dashboards uses the different Beats indexes (metric, packet, etc.) by default. If you use Logstash, then everything is indexed in 'logstash-*' by default, or you have to configure Logstash to use different indexes.
You could let the Beats index their data right into Elasticsearch. But then you cannot enrich the data if you want... am I correct?
How would you set this all up when you want to make use of the Beats, Logstash and(!) the dashboards shipped with Beats?
I will, thank you.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.