icingabeat/vendor/github.com/elastic/beats/libbeat/docs/shared-logstash-config.asciidoc
2017-12-19 13:16:39 +01:00


//////////////////////////////////////////////////////////////////////////
//// This content is shared by all Elastic Beats. Make sure you keep the
//// descriptions here generic enough to work for all Beats that include
//// this file. When using cross references, make sure that the cross
//// references resolve correctly for any files that include this one.
//// Use the appropriate variables defined in the index.asciidoc file to
//// resolve Beat names: beatname_uc and beatname_lc.
//// Use the following include to pull this content into a doc file:
//// include::../../libbeat/docs/shared-logstash-config.asciidoc[]
//////////////////////////////////////////////////////////////////////////

[IMPORTANT]
.Prerequisite
To use Logstash as an output, you must
{libbeat}/logstash-installation.html#logstash-setup[install and configure] the Beats input
plugin for Logstash.

If you want to use Logstash to perform additional processing on the data collected by
{beatname_uc}, you need to configure {beatname_uc} to use Logstash.

To do this, you edit the {beatname_uc} configuration file to disable the Elasticsearch
output by commenting it out and enable the Logstash output by uncommenting the
logstash section:

[source,yaml]
------------------------------------------------------------------------------
#----------------------------- Logstash output --------------------------------
output.logstash:
  hosts: ["127.0.0.1:5044"]
------------------------------------------------------------------------------
The `hosts` option specifies the Logstash server and the port (`5044`) where Logstash
is configured to listen for incoming Beats connections.

For this configuration, you must <<load-template-manually,load the index template into Elasticsearch manually>>
because the options for auto loading the template are only available for the Elasticsearch output.
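
One way to check the edit described above before starting the Beat: list the uncommented `output.<name>` sections and confirm that only the Logstash one remains, with its `hosts` entry indented beneath it. This is an added example, not part of the Beats documentation or code base; the sample configuration text and the function names `active_outputs` and `check_logstash_only` are constructed for illustration, and only the dotted `output.<name>:` form with an inline `hosts` list is handled.

```python
import re

# Constructed sample: a Beat config after the edit described above
# (Elasticsearch output commented out, Logstash output uncommented).
SAMPLE_CONFIG = """\
#-------------------------- Elasticsearch output ------------------------------
#output.elasticsearch:
  #hosts: ["localhost:9200"]

#----------------------------- Logstash output --------------------------------
output.logstash:
  hosts: ["127.0.0.1:5044"]
"""

_TOP_LEVEL_OUTPUT = re.compile(r"^output\.([A-Za-z_]+)\s*:")
_HOSTS = re.compile(r"^\s+hosts\s*:\s*\[(.*)\]")

def active_outputs(config_text):
    """Return {output_name: [hosts]} for every uncommented output.<name> section."""
    outputs, current = {}, None
    for line in config_text.splitlines():
        if not line.strip() or line.strip().startswith("#"):
            continue  # blank or commented-out line
        m = _TOP_LEVEL_OUTPUT.match(line)
        if m:
            current = m.group(1)
            outputs[current] = []
        elif not line[0].isspace():
            current = None  # any other top-level key ends the output section
        elif current is not None:
            h = _HOSTS.match(line)
            if h:
                outputs[current] = [x.strip().strip("\"'") for x in h.group(1).split(",") if x.strip()]
    return outputs

def check_logstash_only(config_text):
    """Return a list of problems; an empty list means only Logstash is enabled."""
    outputs = active_outputs(config_text)
    problems = []
    if "logstash" not in outputs:
        problems.append("output.logstash is not enabled")
    elif not outputs["logstash"]:
        problems.append("output.logstash has no hosts")
    problems += ["output.%s is still enabled" % n for n in outputs if n != "logstash"]
    return problems

if __name__ == "__main__":
    print(check_logstash_only(SAMPLE_CONFIG) or "only output.logstash is enabled")
```

A `hosts` line left at column 0 is reported as `output.logstash has no hosts`, because YAML then reads it as a separate top-level key rather than as part of the Logstash output.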
ifdef::allplatforms[]
include::../../libbeat/docs/step-test-config.asciidoc[]
endif::allplatforms[]
ifdef::win[]
TIP: To test your configuration file, change to the directory where the {beatname_uc}
binary is installed, and run {beatname_uc} in the foreground with the following
options specified: +.\winlogbeat.exe test config -c .\winlogbeat.yml -e+.
endif::win[]