input {
  beats {
    port => 5044
  }
}
# The filter part of this file is commented out to indicate that it is
# optional.
# filter {
#
# }
output {
  elasticsearch {
    hosts => "192.168.5.10:9200"
    manage_template => false
    index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}"
    document_type => "%{[@metadata][type]}"
  }
}
Now, on the winlogbeat machine I have installed the winlogbeat service and it is running. How do I push the logs to the logstash server? I know I am missing something, but after spending 4+ hours I couldn't figure it out. Please help.
2017-10-06T00:34:55+05:30 INFO Metrics logging every 30s
2017-10-06T00:34:55+05:30 INFO Home path: [C:\Program Files (x86)\winlogbeat] Config path: [C:\Program Files (x86)\winlogbeat] Data path: [C:\\ProgramData\\winlogbeat] Logs path: [C:\Program Files (x86)\winlogbeat\logs]
2017-10-06T00:34:55+05:30 INFO Setup Beat: winlogbeat; Version: 5.6.2
2017-10-06T00:34:55+05:30 INFO Max Retries set to: 3
2017-10-06T00:34:55+05:30 INFO Activated logstash as output plugin.
2017-10-06T00:34:55+05:30 INFO Publisher name: DESKTOP-UAIKJKO
2017-10-06T00:34:55+05:30 INFO Flush Interval set to: 1s
2017-10-06T00:34:55+05:30 INFO Max Bulk Size set to: 2048
2017-10-06T00:34:55+05:30 INFO State will be read from and persisted to C:\ProgramData\winlogbeat\.winlogbeat.yml
2017-10-06T00:34:55+05:30 INFO winlogbeat start running.
2017-10-06T00:35:25+05:30 INFO Non-zero metrics in the last 30s: uptime={"server_time":"2017-10-05T19:05:25.9456084Z","start_time":"2017-10-05T19:04:55.9132075Z","uptime":"30.0324009s","uptime_ms":"30032400"}
2017-10-06T00:35:55+05:30 INFO Non-zero metrics in the last 30s: uptime={"server_time":"2017-10-05T19:05:55.9449686Z","start_time":"2017-10-05T19:04:55.9132075Z","uptime":"1m0.0317611s","uptime_ms":"60031761"}