Stack Overflow
Stack Overflow

Questions tagged [filebeat]

Filebeat is a lightweight, open source shipper for log file data. As the next-generation Logstash Forwarder, Filebeat tails logs and quickly sends this information to Logstash for further parsing and enrichment or to Elasticsearch for centralized storage and analysis.

Filebeat is a lightweight, open source shipper for log file data. As the next-generation Logstash Forwarder, Filebeat tails logs and quickly sends this information to Logstash for further parsing and enrichment or to Elasticsearch for centralized storage and analysis. See more details

1457 questions
2
votes
1 answer

Filebeat unable to send logs to Kafka

File Beat is unable to send logs from a particular folder, This is the application logs folder. Things that have been tried : Created a new topic in kafka to retest the settings. Checked for file permission for the folder and the file to…
user3636989
  • 161
  • 1
  • 9
2
votes
2 answers

Filebeat : Send different logs from filebeat to different logstash Pipeline

I Want the functionality that one filebeat instance can send data to different logstash pipeline. Is this possible? I have configured one logstash service having two pipelines, both pipelines separate ports are given. Let's say Pipeline1 (Port…
ROHIT
  • 185
  • 1
  • 3
  • 17
2
votes
1 answer

Filebeat to splunk

Is there a way to use filebeat to forward logs to splunk? Has anyone tried that? We use filebeat to forward logs to ELK stack and want the same forwarder to be able to forward logs to splunk
Hitesh Bajaj
  • 137
  • 2
  • 12
2
votes
1 answer

Logstash and filebeat in the ELK stack

We are setting up elasticsearch, kibana, logstash and filebeat on a server to analyse log files from many applications. Due to reasons* each application log file ends up in a separate directory on the ELK server. We have about 20 log files. As I…
user1329339
  • 1,295
  • 1
  • 11
  • 26
2
votes
2 answers

Capture all stdout/stderr within structlog to generate JSON logs

I am currently trying to get away from print()'s and start with centralized log collection using the ELK stack and the structlog module to generate structured json log lines. This is working perfectly fine for modules that I wrote myself using a…
dasjanik
  • 326
  • 3
  • 12
2
votes
2 answers

Filebeat don't send info logs

How can I set in filebeat if I want all other logs but not info. This is my configuration but this one doesn't work: filebeat.prospectors: - type: log enabled: true paths: - /var/log/messages - /var/log/secure -…
Badb0y
  • 331
  • 2
  • 21
2
votes
2 answers

Resend old logs from filebeat to logstash

Thanks in advance for your help. I would like to reload some logs to customize additional fields. I have noticed that registry file in filebeat configuration keeps track of the files already picked. However, if I remove the content in that file, I…
John Barton
  • 1,581
  • 4
  • 25
  • 51
2
votes
1 answer

Filebeat send mulltiline postgres log as one log to filebeat set only to this specific source

For example i have some sql log: < 2019-03-13 09:50:50.431 CET >WYRAŻENIE: SELECT SELECT column1, column2, ... FROM table_name ORDER BY column1, column2, ... ASC|DESC; < 2019-03-13 09:58:50.943 CET >UWAGA: detail:…
tryingHard
  • 1,794
  • 4
  • 35
  • 74
2
votes
0 answers

Integrating Elastic Stack with TeamCity builds to aggregate all logs

I'm looking for information on integrating Elastic Stack with TeamCity for log aggregation of the various logs related to the one build chain. The place I'm getting stuck is a good way to grab the logs from a running agent, which is currently…
DaveM
  • 55
  • 1
  • 6
2
votes
0 answers

How to add a tag when messages is multiline in Logstash

I use Filebeat6x to ship my logs to logstash. Some of my logs may be a multiline thats why I use Filebeat to Manage multiline messages Now I want to add filter in logstash to do something like if the message is multiline then add tag. If the…
airdata
  • 577
  • 1
  • 7
  • 23
2
votes
2 answers

Beat input in Logstash is losing fields

I have the following infrastructure: ELK installed as docker containers, each in its own container. And on a virtual machine running CentOS I installed nginx web server and Filebeat to collect the logs. I enabled the nginx module in filebeat. >…
500 Server error
  • 644
  • 13
  • 28
2
votes
1 answer

How to configure JBoss JsonFormatter for Filebeat (WildFly 14)

I have Filebeat pulling logs from stdout. I want to ensure my logs are outputted as JSON, so they can be properly parsed. Thus far, here's what I've found: org.jboss.logmanager.formatters doesn't have a JSON formatter There's an "extension" module…
shalvah
  • 881
  • 10
  • 21
2
votes
1 answer

Get docker logs into filebeat without root

I'm trying to gather logs from all my running docker containers and send them into the ELK stack. I'd like to use filebeat to do this so I'm following a similar approach to what is described in https://logz.io/blog/docker-logging/. My…
yoomtah
  • 33
  • 4
2
votes
2 answers

ELK parse json field as seperate fields

I have json like this: {"date":"2018-12-14…
tryingHard
  • 1,794
  • 4
  • 35
  • 74
2
votes
0 answers

Filebeat Nginx to capture vhost

I'm using the ELK stack with Filebeat to capture Nginx logs, no special setup or anything. But I have multiple domains in multiple virtual hosts and from the logs in Kibana can't tell which line is a request for which vhost, there is simply no…
chris_l
  • 57
  • 6
1 2 3
97 98