I am sending json string(For example {"key1": "value1", "key2":"value2"}) to filebeat->elasticsearch->kibana using TCP input in filebeat. However I am getting json string under message field on kibana/elasticsearch (for example "message": {"key1": "value1", "key2":"value2"}.
Note I am sending 1 json string(example given above) at a time with TCP stream
I have tried various option(and combination) in filebeat but nothing worked so far.
Note I was able to set other permission like 0600, etc(but maximum permission i was able to set is 755).
Below is the snapshot of files:
-rwxr-xr-x. 1 root root 4210956 Nov 26 06:39 filebeat
-rwxr-xr-x. 1 root root 13631350 Nov 26 06:39 filebeat.1
-rwxr-xr-x. 1 root root 13631350 Nov 26 06:39 filebeat.2
Do you have any idea/inputs whether the filebeat behavior is correct or not? Because, in this case logstash is not able to delete file after reading the same as it was created by root and persmission for other and group user is R+X
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.