CODEWITHSUNDEEP
elasticsearchlogstashkibanafilebeat
Luan Nguyen
Luan Nguyen

Reputation: 134

Setting up ELK stack

I'm completely new to ELK and trying to install the stack with some beats for our servers.

Elasticsearch, Kibana and Logstash are all installed (on server A). I followed this guide here https://www.elastic.co/guide/en/elastic-stack/current/installing-elastic-stack.html.

Filebeat template was installed as well.

I also installed filebeat on another server (server B), and was trying to test the connection

$ /usr/share/filebeat/bin/filebeat test output -c 
/etc/filebeat/filebeat.yml -path.home /usr/share/filebeat - 
path.config /etc/filebeat -path.data /var/lib/filebeat -path.logs 
/var/log/filebeat
logstash: my-own-domain:5044...
  connection...
    parse host... OK
    dns lookup... OK
    addresses: 163.172.167.147
    dial up... OK
  TLS...
    security: server's certificate chain verification is enabled
    handshake... OK
    TLS version: TLSv1.2
    dial up... OK
  talk to server... OK

Things seems to be ok, yet data from filebeat on server B doesn't seem to be sending data to logstash.

Accessing Kibana keeps redirecting me back to Create Index pattern, with the message

Couldn't find any Elasticsearch data

Any direction pointing would be really appreciated.

Upvotes: 1

Views: 534

Answers (1)

NicolasY
NicolasY

Reputation: 323

Can you check your filebeat.yml file and see if configuration for logs are activated :

filebeat.prospectors:
- type: log
  enabled: true
  paths:
    - /var/log/*.log

Upvotes: 2

Related Questions