Why ELK does not receive any data from Filebeat?

Elastic Stack Elasticsearch
1

I have an Ubuntu 18.04 server with ELK installed and configured on it.

For ELK I followed this tutorial :

When I go to Kibana, there is no data. Yet my configuration looks correct. Do you have an idea ?

ubuntu@monitoring-example-com:~$ sudo filebeat modules enable system :

Enabled system

ubuntu@monitoring-example-com:~$ sudo filebeat setup --template -E output.logstash.enabled=false -E 'output.elasticsearch.hosts=["localhost:9200"]' :

Index setup complete.

ubuntu@monitoring-example-com:~$ sudo filebeat setup -e -E output.logstash.enabled=false -E output.elasticsearch.hosts=['localhost:9200'] -E setup.kibana.host=localhost:5601 :

https://pastebin.com/2nhaPwJV

ubuntu@monitoring-example-com:~$ sudo systemctl start filebeat

ubuntu@monitoring-example-com:~$ sudo systemctl enable filebeat :

Synchronizing state of filebeat.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable filebeat

ubuntu@monitoring-example-com:~$ curl -XGET 'http://localhost:9200/filebeat-*/_search?pretty' :

{
  "took" : 1,
  "timed_out" : false,
  "_shards" : {
    "total" : 1,
    "successful" : 1,
    "skipped" : 0,
    "failed" : 0
  },
  "hits" : {
    "total" : {
      "value" : 0,
      "relation" : "eq"
    },
    "max_score" : null,
    "hits" : [ ]
  }
}
2

What does the output from _cat/indices?v show?

3

I just found the problem. This is an error I made :

#output.elasticsearch:
  # Array of hosts to connect to.
  #hosts: ["localhost:9200"]

he miss # in front of output.elasticsearch:

1 Like
4

Thanks for sharing your solution! :smiley:

5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.