Need help in configuring filebeat 8.9 on windows server 2012 R2

Shan2 · August 1, 2023, 4:36pm

Hi All,

First time implementing filebeat 8.9 on windows to pick files from Samba share and send it to Elasticsearch. The netwoek firewall rules has been allowed and telnet is also happening from windows server. We are getting below error while running the setup.

Overwriting ILM policy is disabled. Set setup.ilm.overwrite: true for enabling.

Exiting: failed to check for policy name 'filebeat': (status=401) {"Message":"Your request: '/_ilm/policy/filebeat' is n
ot allowed."}: 401 Unauthorized: {"Message":"Your request: '/_ilm/policy/filebeat' is not allowed."}

Also we are unable to restart the filebeat services. Below is the configuration

filebeat.inputs:

type: filestream
id: my-filestream-id
enabled: true
prospectors:
paths:
- \samba share\logs*.log

output.elasticsearch:
bulk_max_size: 10
hosts: ['awshost']
ilm.enabled: auto
indices:

index: universe-logs-%{+yyyy}-w%{+ww}
setup.ilm.enabled: false

Logging:
json: true
level: error
to_files: true
files:
path: \samba share\logs*.log
name: filebeat.log
keepfiles: 7

system · August 29, 2023, 6:37pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Can we use filebeat to send data to AWS elasticsearch service? Beats filebeat	5	424	December 29, 2020
Where do is set setup.ilm.overwrite: true Beats ilm-index-lifecycle-management , filebeat	3	12891	September 17, 2020
Filebeats ILM permission error Beats elastic-stack-security , ilm-index-lifecycle-management	4	2319	February 10, 2020
ILM settings not working Beats elastic-stack-monitoring , filebeat	8	4609	August 21, 2019
Filebeat module custom policy management Beats filebeat	1	252	June 22, 2020

Need help in configuring filebeat 8.9 on windows server 2012 R2

type: filestream id: my-filestream-id enabled: true prospectors:

Related topics

type: filestream
id: my-filestream-id
enabled: true
prospectors: