Hi,
I am facing an issue in filebeat registry file under windows platform.
Registry file under C:\Program Files\filebeat\data\registry shows empty array []. I dont see this behavior under linux platform. Am I missing anything ?
Regards.
Punit
The file is updated after events are successfully published to an output. Are there any errors in your log file? Or problems writing to the output?
Hi Andrew,
I did some testing and found out below
my earlier filebeat config was as below:
filebeat.prospectors:
- input_type: log
paths:
- d:\JINK\*\Logs\*\*.log
tags: [jinklogs]
multiline.pattern: '^JINK'
multiline.negate: true
multiline.match: after
processors:
- drop_fields.fields: [offset]
- drop_fields.fields: [beat.version]
output.console:
enabled: false
pretty: true
output.logstash:
hosts: ["192.168.1.230:5044"]
I changed it to
filebeat.prospectors:
- input_type: log
paths:
- d:\JINK\*\Logs\*\*.log
scan_frequency: 10s
ignore_older: 48h
tags: [jinklogs]
multiline.pattern: '^JINK'
multiline.negate: true
multiline.match: after
processors:
- drop_fields.fields: [offset]
- drop_fields.fields: [beat.version]
output.console:
enabled: false
pretty: true
output.logstash:
hosts: ["192.168.1.230:5044"]
Basically added below lines and now i see registry file being populated
scan_frequency: 10s
ignore_older: 48h
has this got to do with too many open files preventing updation of registry file or something else ?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.