Filebeat Overview

Filebeat is a light weight agent on server for log data shipping, which can monitors log files, log directories changes and forward log lines to different target Systems like Logstash, Kafka ,elasticsearch or files etc.

Filebeat work like tail command in Unix/Linux.

Latest Filebeat Version :   6.2.4

Why Filebeat ?

  • Lightweight agent for shipping logs.
  • Forward and centralize files and logs.
  • Robust (Not miss a single beat)

How Filebeat Work?

Filebeat starts prospectors to locate corresponding to each log file path mentioned in filebeat configuration file. Filebeat start a periodic harvester, which identify changes on file based on inode value, do tail to read change logs and send it to spooler to aggregate it. Processors (If configure) will perform different operation based on condition in spooler. Spooler send this aggregated data to target Systems like Logstash, Kafka, Elasticsearch or files etc.

Filebeat Architeture

Filebeat Download Link: Filebeat Download


Complete Integration Example Filebeat, Kafka, Logstash, Elasticsearch and Kibana

Read More

To read more on Filebeat topics, sample configuration files and integration with other systems with example follow link Filebeat Tutorial  and  Filebeat Issues.

Leave you feedback to enhance more on this topic so that make it more helpful for others.

14 thoughts on “Filebeat Overview”

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s