Same issue
Running filebeat -> Elasticsearch = Works, can see Server, GC, Kibana etc logs...
filebeat -> Logstash = No Logs displayed
Perhaps this...
@stephenb So can i use a data stream, which is what i was doing and missing the manage_template => false.
Everything else was identical
I would think so... I have not played with data streams much yet ..
Just confirmed... you cannot use these two settings, with data_stream => "true"
manage_template => false
index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
So there must be a way, while using data streams, to keep the Structured logs in the Stack Monitoring UI, as we are migrating to recommended future architecture with Data Streams.
Did you enable the Elasticsearch module and then take out those 2 lines from logstash? If so what data stream does the data end up in?
The data goes into a data stream, the default one, as i don't specify any other data stream
.ds-logs-generic-default
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.