Packetbeat not running

kumar21000 · November 23, 2016, 8:25am

I am trying to run packetbeat in centos 7, while running I am getting the below error

[root@packetbeat]# cat /var/log/packetbeat/packetbeat
2016-11-23T11:50:50+04:00 INFO Setup Beat: packetbeat; Version: 5.0.1
2016-11-23T11:50:50+04:00 INFO Loading template enabled. Reading template file: /etc/packetbeat/packetbeat.template.json
2016-11-23T11:50:50+04:00 INFO Loading template enabled for Elasticsearch 2.x. Reading template file: /etc/packetbeat/packetbeat.template-es2x.json
2016-11-23T11:50:50+04:00 ERR failed to initialize elasticsearch plugin as output: missing required field accessing 'output.elasticsearch.hosts'
2016-11-23T11:50:50+04:00 CRIT Exiting: error initializing publisher: missing required field accessing 'output.elasticsearch.hosts'

in my packetbeat.yml I have specified elasticsearch

output.elasticsearch:

Array of hosts to connect to.

hosts: ["x.x.x.x:xxxx"]

I am not sure what I am missing, any idea?

steffens · November 23, 2016, 10:01am

the config file format (yaml) is sensitive to use of spaces and tabs. Looks like you did not indent hosts correctly.

system · December 21, 2016, 10:01am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat selftest failt: missing field 'output.elasticsearch.hosts' Beats elastic-stack-security , filebeat	3	2122	July 30, 2023
Filebeat not coming up Beats filebeat	2	6008	June 27, 2018
Output.elasticsearch -> console Beats beats-development	3	2711	June 19, 2018
Error loading config file: yaml: line 177: could not find expected ':' Beats metricbeat	3	1937	July 1, 2021
Tried to start filebeat error was generated Beats filebeat	5	8627	July 5, 2017

Packetbeat not running

Array of hosts to connect to.

Related topics