Step 1 – Download a file beat pacage
$ cd /opt
$ yum install wget -y
$ wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-8.3.3-linux-x86_64.tar.gz
$ tar -zxvf filebeat-8.3.3-linux-x86_64.tar.gz
$ cd filebeat-8.3.3-linux-x86_64
Step 2 – Configure input in filebeat.yml
# Each - is an input. Most options can be set at the input level, so
# you can use different inputs for various configurations.
# Below are the input specific configurations.
# filestream is an input for collecting log messages from files.
- type: filestream
# Unique ID among all inputs, an ID is required.
id: my-filestream-id
# Change to true to enable this input configuration.
enabled: true
# Paths that should be crawled and fetched. Glob based paths.
paths:
- /var/log/*.log
#- c:\programdata\elasticsearch\logs\*
Step 3 – Configure output in filebeat.yml
output.elasticsearch:
hosts: ["https://172.18.0.2:9200"]
username: "elastic"
password: "qgWrZ8dzJtp*nB4HLIHZ"
ssl:
enabled: true
ca_trusted_fingerprint: "069dd4ec9161d86b6299a2823c1f66c5c7a1afd47550c8521bb07e6e0c4cf329"
Step 4 – Configure Kibana in filebeat.yml
setup.kibana:
host: "172.18.0.3:5601"
username: "elastic"
password: "{qgWrZ8dzJtp*nB4HLIHZ}"
Step 5 – To test your configuration file
$ ./filebeat test config -e
Step 6 – Setup Assets
Filebeat comes with predefined assets for parsing, indexing, and visualizing your data. To load these assets:
$ ./filebeat setup -e
Step 7 – Start the filebeat daemon
$ sudo chown root filebeat.yml
$ sudo ./filebeat -e -c filebeat.yml
Latest posts by Rajesh Kumar (see all)
- An Introduction of GitLab Duo - December 22, 2024
- Best Hospitals for affordable surgery for medical tourism - December 20, 2024
- Top Global Medical Tourism Companies in the World - December 20, 2024