10:46am
Hey Elastic... I got a little problem I'd like you to help me fix.. I have an ELK server hosted on Centos 7 and I'm pulling logs from 2 Debian machines. From the server, where would I retrieve logs for filebeat, metricbeat, topbeat and packetbeat from the 2 client machines ?
I'm confused by your question.
What do you want to do?
In brief, beats are agents that you can put on edge machines to collect various things like:
- logs with filebeat (you know where are the logs you want to collect I guess)
- network content (wireshark on the network card) with packetbeat (you know the network car you want to use I guess)
- system and application metrics with metricbeat (you know which applications are running on your server I guess)
topbeat has been replaced by metricbeat
Hey dadonet, I would like to know the location of the log files for the beat agents. for instance the location of filebeat , metricbeat and packetbeat log files. Thank you..
From the SERVER there are not BEAT logs - unless you installed the agent on the server(in this case the server would behalf at the same time as a server and as a client). You will only be able to find BEAT logs on the clients where you have installed them.
Additionally, server-side you might find some entries regarding beats connections on the service you're sending BEATS logs to (ES or logstash)
On the CLIENTS - case you installed using rpm package - logs should be on /var/log/[packet|metric|file]beat/*
Thank you Xavy
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.