Hi,

I have installed ELK stack on a single server and also filebeat on the same box. Configured filebeat.yml to send the sample log files . below is the fields:

Paths that should be crawled and fetched. Glob based paths.

paths:
- /home/user/logstash-tutorial-dataset
fields:
index: test_app
source_type: app_log
application_name: learn
aws_region: dev_east

Also i have configured the corresponding logstash conf file to look like this:

input {
beats {
port => "5043"
}
}

The filter part of this file is commented out to indicate that it is

optional.

filter {

}

output {
elasticsearch {
hosts => [ "localhost:9200" ]
}

When i load the Kibana console i see the message "No default index pattern . You must select or create one to continue.

I am continously writing entries to my log file and logstash is running. But the data is not written to the ES indices.

My question is : Is there any different process to create the indices on ES or just defining in the filebeat.yml is enough and will be displayed in the kibana console.

Per the documentation here, it says you have to load the index template into Elasticsearch manually. Give it a try and see if you run into problems yet. Let us know if you need more help.

https://www.elastic.co/guide/en/beats/filebeat/current/config-filebeat-logstash.html

Thanks
Rashmi

I did that, but now Kibana shows that it can not connect to Elasticsearch on http://localhost:9200.

My current setup

All three components are installed on the same machine and in all three yml files i have defined the CNAME for network.host . The CNAME points to the IP address of the server.

Now the Elastic search is started, i again get the error that says "No default index pattern defined".

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.