Non-zero metrics in the last 30s

Marc2 · February 20, 2021, 8:32am

Hi, I'm completely new to ELK and I need to create an index in ElasticSearch using Filebeat.
When I execute Filebeat.exe it doesn't create the index and it says:

2021-02-20T09:23:57.477+0100	INFO	[monitoring]	log/log.go:144	Non-zero metrics in the last 30s	{"monitoring": {"metrics": {"beat":{"cpu":{"system":{"ticks":156,"time":{"ms":156}},"total":{"ticks":249,"time":{"ms":249},"value":249},"user":{"ticks":93,"time":{"ms":93}}},"handles":{"open":211},"info":{"ephemeral_id":"5ed76ca2-ff46-4756-a872-e9b331a13a36","uptime":{"ms":30131}},"memstats":{"gc_next":18102544,"memory_alloc":9969536,"memory_sys":31235112,"memory_total":42690328,"rss":51200000},"runtime":{"goroutines":31}},"filebeat":{"events":{"added":2,"done":2},"harvester":{"open_files":1,"running":1,"started":1}},"libbeat":{"config":{"module":{"running":0},"reloads":1,"scans":1},"output":{"events":{"active":0},"type":"elasticsearch"},"pipeline":{"clients":1,"events":{"active":0,"filtered":2,"total":2}}},"registrar":{"states":{"current":2,"update":2},"writes":{"success":2,"total":2}},"system":{"cpu":{"cores":8}}}}}

I don't know what am i doing wrong? Any idea?

Here si my filebeat.yml:

filebeat.inputs:

- type: log

  enabled: true
  
  paths:
    - C:\Users\Marc\Desktop\ELK\test\testTxt*
    
- type: filestream

  enabled: false

  paths:
    - /var/log/*.log

filebeat.config.modules:
  path: ${path.config}/modules.d/*.yml

  reload.enabled: false

setup.template.settings:
  index.number_of_shards: 1
setup.ilm.enabled: false
setup.template.enabled: false

setup.kibana:

    host: "localhost:5601"

output.elasticsearch:
  hosts: ["localhost:9200"]
  index: "testTxt"
  username: "elastic"
  password: "********************"

processors:

And there is the last log:

2021-02-20T09:23:27.418+0100	INFO	instance/beat.go:660	Home path: [C:\Users\Marc\Desktop\ELK\filebeat-7.11.1-windows-x86_64] Config path: [C:\Users\Marc\Desktop\ELK\filebeat-7.11.1-windows-x86_64] Data path: [C:\Users\Marc\Desktop\ELK\filebeat-7.11.1-windows-x86_64\data] Logs path: [C:\Users\Marc\Desktop\ELK\filebeat-7.11.1-windows-x86_64\logs]
2021-02-20T09:23:27.426+0100	INFO	instance/beat.go:668	Beat ID: 9121ee9f-da03-488a-8386-21ca95275570
2021-02-20T09:23:27.426+0100	INFO	[beat]	instance/beat.go:996	Beat info	{"system_info": {"beat": {"path": {"config": "C:\\Users\\Marc\\Desktop\\ELK\\filebeat-7.11.1-windows-x86_64", "data": "C:\\Users\\Marc\\Desktop\\ELK\\filebeat-7.11.1-windows-x86_64\\data", "home": "C:\\Users\\Marc\\Desktop\\ELK\\filebeat-7.11.1-windows-x86_64", "logs": "C:\\Users\\Marc\\Desktop\\ELK\\filebeat-7.11.1-windows-x86_64\\logs"}, "type": "filebeat", "uuid": "9121ee9f-da03-488a-8386-21ca95275570"}}}
2021-02-20T09:23:27.434+0100	INFO	[beat]	instance/beat.go:1005	Build info	{"system_info": {"build": {"commit": "9b2fecb327a29fe8d0477074d8a2e42a3fabbc4b", "libbeat": "7.11.1", "time": "2021-02-15T13:38:23.000Z", "version": "7.11.1"}}}
2021-02-20T09:23:27.434+0100	INFO	[beat]	instance/beat.go:1008	Go runtime info	{"system_info": {"go": {"os":"windows","arch":"amd64","max_procs":8,"version":"go1.14.14"}}}
2021-02-20T09:23:27.464+0100	INFO	[beat]	instance/beat.go:1012	Host info	{"system_info": {"host": {"architecture":"x86_64","boot_time":"2021-02-16T21:16:27.74+01:00","name":"DESKTOP-5E0R4G4","ip":["fe80::3d88:526f:945a:9839/64","169.254.152.57/16","fe80::9d19:9ee8:a63a:631e/64","169.254.99.30/16","fe80::c4f5:77b4:939e:7b4f/64","169.254.123.79/16","fe80::947e:a88c:cc5a:1c19/64","169.254.28.25/16","fe80::bc86:4931:a42e:9b5b/64","192.168.1.131/24","fe80::a022:1017:eb12:edcd/64","169.254.237.205/16","::1/128","127.0.0.1/8"],"kernel_version":"10.0.19041.804 (WinBuild.160101.0800)","mac":["3c:52:82:d0:4f:82","88:78:73:6a:d7:96","8a:78:73:6a:d7:95","00:ff:24:9e:ea:db","88:78:73:6a:d7:95","88:78:73:6a:d7:99"],"os":{"family":"windows","platform":"windows","name":"Windows 10 Home","version":"10.0","major":10,"minor":0,"patch":0,"build":"19041.804"},"timezone":"CET","timezone_offset_sec":3600,"id":"a05d861b-5c93-431d-967c-a9a0853f2aa3"}}}
2021-02-20T09:23:27.464+0100	INFO	[beat]	instance/beat.go:1041	Process info	{"system_info": {"process": {"cwd": "C:\\Users\\Marc\\Desktop\\ELK\\filebeat-7.11.1-windows-x86_64", "exe": "C:\\Users\\Marc\\Desktop\\ELK\\filebeat-7.11.1-windows-x86_64\\filebeat.exe", "name": "filebeat.exe", "pid": 2568, "ppid": 15792, "start_time": "2021-02-20T09:23:27.216+0100"}}}
2021-02-20T09:23:27.464+0100	INFO	instance/beat.go:304	Setup Beat: filebeat; Version: 7.11.1
2021-02-20T09:23:27.464+0100	INFO	eslegclient/connection.go:99	elasticsearch url: http://localhost:9200
2021-02-20T09:23:27.464+0100	INFO	[publisher]	pipeline/module.go:113	Beat name: DESKTOP-5E0R4G4
2021-02-20T09:23:27.468+0100	INFO	instance/beat.go:468	filebeat start running.
2021-02-20T09:23:27.468+0100	INFO	[monitoring]	log/log.go:117	Starting metrics logging every 30s
2021-02-20T09:23:27.470+0100	INFO	memlog/store.go:119	Loading data file of 'C:\Users\Marc\Desktop\ELK\filebeat-7.11.1-windows-x86_64\data\registry\filebeat' succeeded. Active transaction id=0
2021-02-20T09:23:27.471+0100	INFO	memlog/store.go:124	Finished loading transaction log file for 'C:\Users\Marc\Desktop\ELK\filebeat-7.11.1-windows-x86_64\data\registry\filebeat'. Active transaction id=59
2021-02-20T09:23:27.472+0100	INFO	[registrar]	registrar/registrar.go:109	States Loaded from registrar: 2
2021-02-20T09:23:27.472+0100	INFO	[crawler]	beater/crawler.go:71	Loading Inputs: 2
2021-02-20T09:23:27.472+0100	INFO	log/input.go:157	Configured paths: [C:\Users\Marc\Desktop\ELK\test\testTxt*]
2021-02-20T09:23:27.472+0100	INFO	[crawler]	beater/crawler.go:141	Starting input (ID: 7507190850927131308)
2021-02-20T09:23:27.473+0100	INFO	[crawler]	beater/crawler.go:108	Loading and starting Inputs completed. Enabled inputs: 1
2021-02-20T09:23:27.473+0100	INFO	cfgfile/reload.go:164	Config reloader started
2021-02-20T09:23:27.473+0100	INFO	cfgfile/reload.go:224	Loading of config files completed.
2021-02-20T09:23:27.473+0100	INFO	log/harvester.go:302	Harvester started for file: C:\Users\Marc\Desktop\ELK\test\testTxt.txt
2021-02-20T09:23:57.477+0100	INFO	[monitoring]	log/log.go:144	Non-zero metrics in the last 30s	{"monitoring": {"metrics": {"beat":{"cpu":{"system":{"ticks":156,"time":{"ms":156}},"total":{"ticks":249,"time":{"ms":249},"value":249},"user":{"ticks":93,"time":{"ms":93}}},"handles":{"open":211},"info":{"ephemeral_id":"5ed76ca2-ff46-4756-a872-e9b331a13a36","uptime":{"ms":30131}},"memstats":{"gc_next":18102544,"memory_alloc":9969536,"memory_sys":31235112,"memory_total":42690328,"rss":51200000},"runtime":{"goroutines":31}},"filebeat":{"events":{"added":2,"done":2},"harvester":{"open_files":1,"running":1,"started":1}},"libbeat":{"config":{"module":{"running":0},"reloads":1,"scans":1},"output":{"events":{"active":0},"type":"elasticsearch"},"pipeline":{"clients":1,"events":{"active":0,"filtered":2,"total":2}}},"registrar":{"states":{"current":2,"update":2},"writes":{"success":2,"total":2}},"system":{"cpu":{"cores":8}}}}}

Thank you

warkolm · February 22, 2021, 12:14am

Welcome to our community!

Is this the first time you have tried to process the file? If not then chances are Filebeat is tracking the state of the file and is waiting for new data to be added to it. You can try to remove the registry entry for that file, or add some new data to it.

Marc2 · February 22, 2021, 8:18am

Hello warkolm. It's not the first time try to process this file, but always with the same result. It consists in a .txt of a couple of lines. I've tried adding a new line while filebeat is executing and nothing changed, it still saying: [Non-zero metrics in the last 30s].

Is this the place where is should find my index?

Thanks for your help!

warkolm · February 22, 2021, 10:29pm

I can't see the testTxt index. I would suggest you clear your Filebeat registry and restart Filebeat, it should pick the file up again.

system · March 22, 2021, 10:30pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.