Hi All,
First time implementing filebeat 8.9 on windows to pick files from Samba share and send it to Elasticsearch. The netwoek firewall rules has been allowed and telnet is also happening from windows server. We are getting below error while running the setup.
Overwriting ILM policy is disabled. Set setup.ilm.overwrite: true for enabling.
Exiting: failed to check for policy name 'filebeat': (status=401) {"Message":"Your request: '/_ilm/policy/filebeat' is n
ot allowed."}: 401 Unauthorized: {"Message":"Your request: '/_ilm/policy/filebeat' is not allowed."}
Also we are unable to restart the filebeat services. Below is the configuration
filebeat.inputs:
output.elasticsearch:
bulk_max_size: 10
hosts: ['awshost']
ilm.enabled: auto
indices:
- index: universe-logs-%{+yyyy}-w%{+ww}
setup.ilm.enabled: false
Logging:
json: true
level: error
to_files: true
files:
path: \samba share\logs*.log
name: filebeat.log
keepfiles: 7