Questions tagged [elastic-stack]

Elastic Stack combines Elasticsearch, Logstash, Kibana, and the Beats Framework to provide real-time insights into any type of structured or unstructured data.

In 2015, Elastic introduced the Beats framework (,,) into their stack and decided to rename the ELK Stack to the Elastic Stack

3683 questions
5 votes, 1 answer

logstash is throwing exception template file not found

I'm trying to install docker-elk stack using docker-compose, elastic search and kibana are working fine, but my logstash is not connecting to elastic search and throwing error shown below, I'm installing this for first time so doesn't have much…

5 votes, 0 answers

Elastic Kibana - how to plot error bars

I am trying to plot error bars to a Kibana (Elastic ELK visualization software) plot. I tried to play around with Kibana to see what I can get, but I couldn't get it to work. When I search the web, I don't get a single hit (web page, or previously…
ximiki

5 votes, 1 answer

Debugging Filebeat in the ELK stack

I am having some issues with my ELK system. The client-side work is as follows: Filebeat -> Logstash --> Elastic --> Kibana Parts of our logs don't arrive to Elastic from specific machines. I suspect that the problem is in the log harvesting in…
Green

5 votes, 3 answers

Kibana 5.5.1 behind a nginx 1.13 proxy (dockerized)

Goal: I want to run the elk stack in a docker container. To be able to access the ELK Stack over a nginx proxy to bypass the individual ports for the services. The Kibana service (default port 5601) http://.com:5601 should be reachable over…
neutron

5 votes, 2 answers

What is the role of Logstash Shipper and Logstash Indexer in ELK stack?

I have been studying online about ELK stack for my new project. Although most of the tech blogs are about how to set ELK up. Although I need more information to begin with. What is Logstash ? Further, Logstash Shipper and Indexer. What is…
Moose

5 votes, 2 answers

How to set hostname in global service in Docker Swarm

I have a service deployed to my Docker Swarm Cluster as global service (ELK Metricbeat). I want to each of this service to have a hostname the same as the hostname of the running node (host)? in another word, how I can achieve the same result in the…
sadok-f

5 votes, 1 answer

Filebeat multiline kubernetes container logs not working

Hi I have some problem to parse kubernetes containers multi lines using filebeat and logstash. kubernetes log file are located in /var/log/containers/*.log and in a json line structure. Is there something about my configuration is wrong? What did I…
Omri Ziv

5 votes, 1 answer

Log level as a field for Docker GELF logging driver

I want to get stdout logs from a docker container and send them to ELK stack. So far, I know that there is a GELF logging driver in Docker. However, I can't figure out how I can parse ERROR, WARNING or DEBUG messages from the message and put them in…
skynyrd

5 votes, 3 answers

Serilog HTTP sink + Logstash: Splitting Serilog message array into individual log events

We're using Serilog HTTP sink to send the messages to Logstash. But the HTTP message body is like this: { "events": [ { "Timestamp": "2016-11-03T00:09:11.4899425+01:00", "Level": "Debug", "MessageTemplate": "Logging…
Adam Michalik

5 votes, 0 answers

How do I send app logs to Elasticsearch from within a Dockerized Node app?

I have a small node script wherein I use bunyan to handle application logging. The logger writes to local storage. I'd like to send the logs to elasticsearch using filebeat (both of which are new tech to me). I've made a dockerfile that…
Brandon

5 votes, 3 answers

How can I debug logstash even when configuration is OK, on Windows?

I have the following configuration for my logstash importing a few CSV files: input { file { path => [ "C:\Data\Archive_ATS_L1\2016-10-08-00-00_to_2016-10-09-00-00\S2KHistorian\Historian\S2KEventMsg_Table.csv", …
Ray

5 votes, 1 answer

Field [] used in expression does not exist in mappings

The feature I try to fulfill is to create a metric in Kibana that displays the number of users "unvalidated". I send a log sent when a user registers, then a log when a user is validated. So the count I want is the difference between the number of…
Paul Andrieux

5 votes, 1 answer

Filebeat > is it possible to send data to Elasticsearch by means of Filebeat without Logstash

I am a newbie of ELK. I installed first Elasticsearch and Filebeat without Logstash, and I would like to send data from Filebeat to Elasticsearch. After I installed the Filebeat and configured the log files and Elasticsearch host, I started the…
Rui

5 votes, 0 answers

Elasticsearch: searching for a geo_shape that contains a point

I'm trying to correctly format a query that returns a polygon geo_shape given a point geo_shape. The elasticsearch version is 2.2.1 My mapping is "outputarea-index" : { "aliases" : { }, "mappings" : { "outputarea" : { …

5 votes, 1 answer

unmarshal errors in filebeat configuration

I have configured filebeat for logstash. But while starting the filebeat I am getting following error : main.go:42: CRIT Config error: Error reading config file: YAML config parsing failed on /etc/filebeat/filebeat.yml: yaml: unmarshal errors: …
sharvil_parekh