Stack Overflow
Stack Overflow

Questions tagged [filebeat]

Filebeat is a lightweight, open source shipper for log file data. As the next-generation Logstash Forwarder, Filebeat tails logs and quickly sends this information to Logstash for further parsing and enrichment or to Elasticsearch for centralized storage and analysis.

Filebeat is a lightweight, open source shipper for log file data. As the next-generation Logstash Forwarder, Filebeat tails logs and quickly sends this information to Logstash for further parsing and enrichment or to Elasticsearch for centralized storage and analysis. See more details

1457 questions
3
votes
1 answer

Kibana shows The data you are seeing might be incomplete or wrong

Configuring my elk stack => Kibana, elasticsearch and filebeat. All working fine but, when i wanted to view the logs on kibana, i recieved this error 1 of 8 shards failed The data you are seeing might be incomplete or wrong. See response: { …
Daniel Ibanga
  • 59
  • 1
  • 9
3
votes
1 answer

Filebeat "error loading config file: yaml: did not find expected key"

Im stacked at this issue. I have an Elasticsearch server with x-pack security enabled. A client with Filebeat that is sending outputs to that server. All is working fin without enabling x-pck security, but whe doing it, in the lient I have this…
Ecofintech
  • 323
  • 2
  • 5
  • 15
3
votes
1 answer

Is it possible to maintain the index name from FileBeat to LogStash for Elasticsearch?

I'm really new to ELK and I have set up an ELK stack where FileBeat sends the logs to LogStash for some processing and then outputs to Elasticsearch. I was wondering if it is possible to maintain the index name set in filebeat.yml all the way to…
Obi-Wan-Clemobi
  • 145
  • 1
  • 13
3
votes
1 answer

ERROR pipeline/output.go:100 Failed to connect to backoff(async(tcp://logstash:5044)) - ELK Filebeat .NET Core 3.1 Docker

I'm having a strange problem I can't work out as my problem, when searching for this error, is different. People seem to have experienced this when trying to connect Filebeat to Logstash. However, I am trying to write logs directly to Elasticsearch…
user1574598
  • 3,771
  • 7
  • 44
  • 67
3
votes
1 answer

HA-proxy logs in json format

I am new to ha-proxy and trying to push the logs to elastic search using filebeat. As filebeat only takes json format and I am not getting a way to configure ha-proxy to output the logs in json format, which includes both success and error cases. I…
Jet
  • 3,018
  • 4
  • 33
  • 48
3
votes
0 answers

Empty lines in multiline pattern(python error traceback) in filebeat input are not getting parsed correctly?

The log line which should be harvested and published to logstash as a single line: [pid: 17318|app: 0|req: 1/2] 10.14.206.28 (jaavedkhan) {60 vars in 1296 bytes} [Mon Dec 30 15:51:38 2019] GET /en/ => generated 27 bytes in 711 msecs (HTTP/1.1 500) 6…
Javed
  • 5,904
  • 4
  • 46
  • 71
3
votes
1 answer

Logstash does not process files sent by filebeat

I have setup an elk stack infrastructure with docker. I can't see files being processed by logstash. Filebeat is configured to send .csv files to logstash from logstash, to elasticsearch. I see the logstash filebeat listner staring. Logstash to…
praslea
  • 45
  • 1
  • 8
3
votes
0 answers

filebeat marking the log file inactive even when there is unread content in it

I am using filebeat version 5.6.16 on a centos server to push logs to logstash from path /opt/news-bff/logs/Icis.Genesis*.log There are many matching log files -rw-r--r--. 1 root root 5049 Sep 25 10:30…
RAMNEEK GUPTA
  • 713
  • 1
  • 6
  • 13
3
votes
1 answer

Mysterious Filebeat 7 X-Pack issue using Docker image

I've also posted this as a question on the official Elastic forum, but that doesn't seem super frequented. https://discuss.elastic.co/t/x-pack-check-on-oss-docker-image/198521 At any rate, here's the query: We're running a managed AWS Elasticsearch…
josephkibe
  • 1,281
  • 14
  • 28
3
votes
0 answers

Kubernetes - Filebeat stops sending/picking up logs. FIlebeat works after restarting the filebeat pods

I am running one filebeat (version - 6.4.1) per node in kubernetes cluster with 1 master node and 3 worker nodes. And a single logstash, elastic and Kibana for the entire cluster. While the pods are up and running successfully, filebeat is unable to…
Bhavani Prasad
  • 1,079
  • 1
  • 9
  • 26
3
votes
1 answer

Filebeat TCP Input Usage

Questions: Do TCP inputs manage harvesters (i.e. do you send a file path to the TCP input and then a harvester starts ingesting that file)? Can TCP inputs accept structured data (like the json configuration option on the log input)? Does the TCP…
Elias
  • 1,367
  • 11
  • 25
3
votes
0 answers

DelayCompress in logback

Do we have delaycompress on rotation feature in logback like logrotate has? I googled but unable to find any. Thought of asking it here. My use case: I am trying to setup ELK for my project which uses filebeat so send the logs to logstash. In my…
Neerav Vadodaria
  • 317
  • 1
  • 11
3
votes
2 answers

Filebeat vs Directly pushing logs to logstash from application

I am planning to architect a centralized logging system for one of our project which has multiple components written in Java, Python & Scala. I want to collect logs from different parts ( REST Server, Spark Jobs, Airflow server ) to logstash and…
Bill Goldberg
  • 1,699
  • 5
  • 26
  • 50
3
votes
0 answers

Filebeat: read logs from a running docker image on mac OS

I have a running docker image that produces some logs, putting them in the default location /var/lib/docker/containers/CONTAINER_ID, and another docker image with Filebeat that should read from the first image. I set the Logstash configuration in…
Nicolò Pomini
  • 186
  • 2
  • 6
3
votes
1 answer

Logging .net Core with Elastic stack

Trying to set up simple logging with Filebeats, Logstash and be able to view logs in Kibana. Running a simple mvc .net core app with log4net as logger. log4net FileAppender appending logs to C:\Logs\Debug.log just fine. However not able to push…
ShaneKm
  • 20,823
  • 43
  • 167
  • 296
1 2 3
97 98