Step 1 – Download the Filebeat package
$ cd /opt
$ yum install wget -y
$ wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-8.3.3-linux-x86_64.tar.gz
$ tar -zxvf filebeat-8.3.3-linux-x86_64.tar.gz
$ cd filebeat-8.3.3-linux-x86_64
Step 2 – Configure input in filebeat.yml
filebeat.inputs:
# Each - is an input. Most options can be set at the input level, so
# you can use different inputs for various configurations.
# Below are the input specific configurations.
# filestream is an input for collecting log messages from files.
- type: filestream
  # Unique ID among all inputs, an ID is required.
  id: my-filestream-id
  # Change to true to enable this input configuration.
  enabled: true
  # Paths that should be crawled and fetched. Glob based paths.
  paths:
    - /var/log/*.log
    #- c:\programdata\elasticsearch\logs\*
Step 3 – Configure output in filebeat.yml
output.elasticsearch:
  hosts: ["https://172.18.0.2:9200"]
  username: "elastic"
  password: "qgWrZ8dzJtp*nB4HLIHZ"
  ssl:
    enabled: true
    # Hex-encoded SHA-256 fingerprint of the Elasticsearch CA certificate.
    ca_trusted_fingerprint: "069dd4ec9161d86b6299a2823c1f66c5c7a1afd47550c8521bb07e6e0c4cf329"
Step 4 – Configure Kibana in filebeat.yml
setup.kibana:
  host: "172.18.0.3:5601"
  username: "elastic"
  # Same "elastic" account as in Step 3, so the same password without braces.
  password: "qgWrZ8dzJtp*nB4HLIHZ"
Step 5 – Test your configuration file
$ ./filebeat test config -e
Step 6 – Set up assets
Filebeat comes with predefined assets for parsing, indexing, and visualizing your data. To load these assets:
$ ./filebeat setup -e
Step 7 – Start the filebeat daemon
$ sudo chown root filebeat.yml
$ sudo ./filebeat -e -c filebeat.yml
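A pre-flight check for the filebeat.yml built in Steps 3 and 4, as an added example (not part of the original tutorial or of Filebeat). It flags literal password values, which the Filebeat keystore (./filebeat keystore create, then ./filebeat keystore add ES_PWD, referenced as "${ES_PWD}") can replace, and a config file that group or others can write, which Filebeat rejects at startup. The function names and the ES_PWD key name are assumptions, and the sample config is constructed.

```shell
#!/bin/sh
# Added example: pre-flight checks for filebeat.yml. Helper names are hypothetical.

# Print the line number of every uncommented "password:" whose value is a
# literal instead of a ${NAME} reference (keystore entry or environment variable).
# Only line numbers are printed, never the secret itself.
literal_passwords() {
    ref="[\"']?[\$][{][A-Za-z_][A-Za-z0-9_.]*[}][\"']?"
    grep -nE '^[[:space:]]*password[[:space:]]*:' "$1" |
        grep -vE ":[[:space:]]*${ref}[[:space:]]*\$" |
        cut -d: -f1
}

# Succeeds when group or others can write the file. Filebeat's strict
# permission check refuses such a config; the mode string from ls is portable.
config_writable_by_others() {
    case "$(ls -ld "$1" | cut -c1-10)" in
        ?????w????|????????w?) return 0 ;;   # group-write or other-write bit set
        *) return 1 ;;
    esac
}

# Constructed sample config: one literal password, one keystore reference.
cfg=$(mktemp)
cat > "$cfg" <<'EOF'
output.elasticsearch:
  hosts: ["https://172.18.0.2:9200"]
  username: "elastic"
  password: "constructed-literal-secret"
setup.kibana:
  host: "172.18.0.3:5601"
  username: "elastic"
  password: "${ES_PWD}"
EOF
chmod 664 "$cfg"   # deliberately too permissive for the demonstration

if config_writable_by_others "$cfg"; then
    echo "permissions: writable by group/others, fix with: chmod go-w $cfg"
fi
for n in $(literal_passwords "$cfg"); do
    echo "line $n: literal password, store it with: ./filebeat keystore add ES_PWD"
done
rm -f "$cfg"
```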