Configuration of Filebeat For Elasticsearch
Configuration of Filebeat For, This module can help you to analyse the logs of any server in real time.
There are lots of module available like nginx, MySQL etc for analysing the log data. This depends on your requirements.
How filebeats works, This reads the log file which are specified in the configuration files and sends the new logs to libbeat, which starts sending the data to output which you have configured for filebeat.
You can read logs of Apache, Nginx, tomcat and more, Just installed this plugins to analyse the logs data.
Settings For Filebeat
Once filebeat is installed and now you have to make changes in filebeat.yml file to connect filebeat to elasticsearch server running on 9200.
Edit the file vim /etc/filebeat/filebeat.yml
Now Elasticsearch Settings in the same filebeat.yml file,
Check Out : Configuration of Filebeat For Elasticsearch
Now you have to enable the module of Logstash and elasticsearch.
filebeat modules enable logstash
Make changes in logstash.yml file,
The below command will setup the filebeat and load the Kibana dashboard.
Restart the filebeat service
systemctl restart filebeat
As you will see, Filebeat connected to Elasticsearch Server.