Stack Overflow
Stack Overflow

Questions tagged [filebeat]

Filebeat is a lightweight, open source shipper for log file data. As the next-generation Logstash Forwarder, Filebeat tails logs and quickly sends this information to Logstash for further parsing and enrichment or to Elasticsearch for centralized storage and analysis.

Filebeat is a lightweight, open source shipper for log file data. As the next-generation Logstash Forwarder, Filebeat tails logs and quickly sends this information to Logstash for further parsing and enrichment or to Elasticsearch for centralized storage and analysis. See more details

1457 questions
3
votes
1 answer

Logstash single input and multiple output

I have configured logstash to get input from one filebeat port. Filebeat configured with two different paths. is it possible to display logs to two different index? Logstash input part: input{ beats { type => "stack" port => 5044 …
Jeeva N
  • 431
  • 1
  • 5
  • 17
3
votes
1 answer

Filebeat vs Java logging appenders

We will start deploying our java applications using docker on AWS elasticbeanstalk, we want centralized logging and will be using ELK stack. I would like keep one process per container, therefore avoid using filebeat, but in order to do that we…
Tiago Lopo
  • 7,619
  • 1
  • 30
  • 51
3
votes
1 answer

Connection refused from filebeat to logstash

I have an issue when I try to connect to my logstash from Filebeat Logstash version 2.0.0 Filebeat 1.0.1 Here the error INFO Connecting error publishing events (retrying): dial tcp 192.168.50.5:14560: getsockopt: connection refused This is my…
paul
  • 12,873
  • 23
  • 91
  • 153
3
votes
1 answer

Logstash input Filebeat

First of all I apologize for my English. I'm an intern in a company and I put up a solution ELK with Filebeat to send the logs. The problem is that once recover syslog_pri always displays Notice and severity_code 5 Here is my configuration…
Jessy FAVRIAU
  • 61
  • 1
  • 5
2
votes
1 answer

Docker-compose filebeat container is not able to push docker container logs to logstash

I am running ELK and filebeat inside two different host separate docker-compose.yml. But filebeat cannot connect to logstash. I can properly telnet into logstash telnet a.b.c.d 5044 after I wait for the logstash pipelines to start. Server Side…
Aakarshit Agarwal
  • 31
  • 3
2
votes
1 answer

connect to a remote host in perl and run ssh commands as a root user

I am trying to connect to a remote host as a user. Now i want to run a few commands that need sudo access. The commands are: export http_proxy=http://xxxx.xx.xx.com:8080 export https_proxy=http://xxxx-xxxx.xx.xx.com:8080 sudo /etc/init.d/filebeat…
Daksha
  • 21
  • 2
2
votes
1 answer

Is it possible to redirect NATs Jetstream message to Elastic search

We use Nats jetstream for message distribution. I want to display messages delivered to Nats in UI. All message have pre defined common structure. Do we have file beat or logstash plugin to read the content (message) of NATS and redirect to ES. Or…
defender
  • 353
  • 2
  • 11
2
votes
1 answer

Elastic ELK stack 8.5 integration with Spring Boots Application using Filebeat

Setting up a pipeline of elastic search, kibana, and logstash in locally and using filebeat to push logs from a spring boot application to the pipeline. U will find the official documentation well-defined, But I created this questions to answer a…
Leons
  • 201
  • 1
  • 7
2
votes
1 answer

Elastic ECK Filebeat logs from a specific pod

I have configured an Elastic ECK Beat with autodiscover enabled for all pod logs, but I need to add logs from a specific pod log file too; from this path /var/log/traefik/access.log inside the container. I've tried with module and log config but…
joepa37
  • 3
  • 4
  • 21
2
votes
0 answers

What is the difference between a filebeat container input and a filebeat filestream input with a container parser?

I notice that the filebeat documentation suggests that the filestream input is the new and improved alternative to the log input. I also notice that the documentation indicates that a container parser may be specified as a child of the filestream…
Chad Showalter
  • 211
  • 1
  • 12
2
votes
0 answers

Packetbeat failed to connect to backoff

I have a simple express app with Nginx and I use Filebeat with ELK stack. Filebeat takes in charge of streaming log file from Nginx to Logstash then processing it and visualize to Kibana. This pipeline works fine. However, I wanted to check how can…
Kosmylo
  • 436
  • 1
  • 6
  • 20
2
votes
2 answers

FileBeat not sending data to ElasticSearch Kibana

I'm unable to receive data in the Kibana dashboard from the Filebeat agent. I'm using self-managed ELK with AWS EC2 server. Below is my filebeat.yml filebeat.inputs: - type: log enabled: true paths: -…
Naveen
  • 103
  • 1
  • 12
2
votes
1 answer

Can't set document_id for deduplicating docs in Filebeat

What are you trying to do? I have location data of some sensors, I want to make geo-spatial queries to find which sensors are in a specific area (query by polygon, bounding-box, etc). The location data (lat-lon) for these sensors may change in the…
WISERDIVISOR
  • 154
  • 2
  • 12
2
votes
1 answer

How to split log (key) field with fluentbit?

We are sending node.js code to OpenSearch using FluentBit. We are having issues because log key contains nested value as message. We need to split the values mentioned in the below log message - log- {"level":"info","message":"\"{\"method:\" GET…
Prateek Porwal
  • 21
  • 3
2
votes
1 answer

Combine Filebeat Logs to ship to Elastic Search based on unique Trace Id (Without Logstash)

I have configured filebeat for shipping logs of my spring boot application directly to AWS Opensearch Service without configuration of logstash. I want to configure filebeat multiline regex in a way that it can combine all the logs in a single…
Shikha Shah
  • 21
  • 2
1 2 3
97 98