Reputation: 189
Filebeat Issue " Error Initialising publisher: No outputs are defined. " when trying to forward logs to Logstash
I am new to ELK Stack. I am trying to implement it Using Windows (ELK Server ) and Vagrant Unix CentOS VM ( Filebeat Shipper )
For starters, I am trying to ship Unix Syslog to ELK server and see how it works
I have configured the central.conf file for Logstash on my Windows Machine as
input{
beats{
port => 5044
}
}
output{
stdout{ }
elasticsearch{
hosts => ["http://localhost:9200"] }
}
and Filebeat YAML on Unix (CentOS - 7) is configured as
filebeat:
prospectors:
-
paths:
-"/var/log/*.log"
input_type: log
document_type: beat
registry: "/var/lib/filebeat"
output:
logstash:
hosts: ["127.0.0.1:5044"]
logging:
to_files: true
files:
path: "/var/log/filebeat"
name: filebeat.log
rotateeverybytes: 10485760
level: debug
Elasticsearch and Logstash is running properly on my windows machine
I am facing the following two issues right now,
1.When i try to run filebeat shipper on Unix , it gives me the below error
[root@localhost filebeat]# filebeat -e -v -c filebeat.yml -d "*"
2016/05/08 11:07:00.404841 beat.go:135: DBG Initializing output plugins
2016/05/08 11:07:00.404873 geolite.go:24: INFO GeoIP disabled: No paths were set under output.geoip.paths
2016/05/08 11:07:00.404886 publish.go:269: INFO No outputs are defined. Please define one under the output section.
Error Initialising publisher: No outputs are defined. Please define one under the output section.
2016/05/08 11:07:00.404902 beat.go:140: CRIT No outputs are defined. Please define one under the output section.
2 . When i saw Logstash logs , i found out , its trying to listen Beats input on "0.0.0.0:5044" rather than on "127.0.0.1:5044"
{:timestamp=>"2016-05-08T16:36:07.158000+0530", :message=>"Beats inputs: Starting input listener", :address=>"0.0.0.0:5044", :level=>:info}
Are these two issues interrelated , how can i resolve them , could someone please help me out and point me in the right direction to get this working.
Really Appreciate any help you could provide.
Upvotes: 1
Views: 8813
Answers (1)
Reputation: 4655
The error says:
No outputs are defined. Please define one under the output section.
If your yaml file is same as in the question, it is wrong. Because the indentation is important in yaml. It must be like:
...
output:
logstash:
hosts: ["127.0.0.1:5044"]
...
Upvotes: 3
Related Questions
- connect filebeat to logstash
- Difference between using Filebeat and Logstash to push log file to Elasticsearch
- why is filebeat unable to connect to logstash
- Filebeat does not send logs to logstash
- Filebeat: Send logs from one Filebeat instance to different Logstash instances
- File Beat not able to connect with logstash from another instance (ELK stack)
- How to configure FileBeat and Logstash to add XML Files in Elasticsearch?
- Why are there no logstash indexes in kibana