Hello,
After a lot of testing with logstash and filebeat, I need to reset filebeat to be able to ship all the log data again in a clean way.
First, I deleted all the data from elasticsearch. Then, I went to /var/lib/filebeat/registry/filebeat and moved the 2 files that I found there away ( data.json and meta.json)
Now the directory is empty. However, I still couldn't reset filebeat and it's not shipping data anymore.
Do you know how I can fix this?
Thank you
Up !!
Can you clarify what you mean by "it's not shipping data anymore" ? Can you copy any logs you have from /var/log/filebeat/ ?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.