No data has been received from Functionbeat yet

I have installed and configured functionbeat on the elk server.
Installation and configuration was successful but unable to pull logs on kibana.

functionbeat.yml : ""
# Configure which S3 bucket we should upload the lambda artifact. "abcde"
  # Define the list of function availables, each function required to have a unique name.
  # Create a function that accepts events coming from cloudwatchlogs.
  - name: cloudwatch-logs
    enabled: true
    type: cloudwatch_logs

    # List of cloudwatch log group registered to that function.
      - log_group_name: abcdef

# This requires a Kibana endpoint configuration.

  # Kibana Host
  # Scheme and port can be left out and will be set to the default (http and 5601)
  # In case you specify and additional path, the scheme is required: http://localhost:5601/path
  # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
  host: "pri.ip:5601"

  # Kibana Space ID
  # ID of the Kibana Space into which the dashboards should be loaded. By default,
  # the Default Space will be used.

# =============================== Elastic Cloud ================================

# These settings simplify using Functionbeat with the Elastic Cloud (

# The setting overwrites the `output.elasticsearch.hosts` and
# `` options.
# You can find the `` in the Elastic Cloud web UI.

# The cloud.auth setting overwrites the `output.elasticsearch.username` and
# `output.elasticsearch.password` settings. The format is `<user>:<pass>`.

# ================================== Outputs ===================================

# Configure what output to use when sending the data collected by the beat.

# ---------------------------- Elasticsearch Output ----------------------------
  # Array of hosts to connect to.
  hosts: ["http://pri.ip:9200"]

  # Protocol - either `http` (default) or `https`.
  #protocol: "https"

  # Authentication credentials - either API key or username/password.
  #api_key: "id:api_key"
  username: "******"
  password: "**********"

# Available log levels are: error, warning, info, debug
logging.level: debug

# At debug level, you can selectively enable logging only for some components.
# To enable all selectors use ["*"]. Examples of other selectors are "beat",
# "publish", "service".
logging.selectors: ["*"]

the output of the request GET _cat/indices/functionbeat-*
yellow open functionbeat-7.10.2-2021.11.02-000001 mPkuXT1rSDaxsKEM0MUI2A 1 1 0 0 208b 208b

the output of the request GET functionbeat-*/_search?size=1

  "took" : 11,
  "timed_out" : false,
  "_shards" : {
    "total" : 1,
    "successful" : 1,
    "skipped" : 0,
    "failed" : 0
  "hits" : {
    "total" : {
      "value" : 0,
      "relation" : "eq"
    "max_score" : null,
    "hits" : [ ]

policies attached to the role for the elk server:

Please help me out resolve this issue.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.