Filebeat Overview


Filebeat is a light weight agent on server for log data shipping, which can monitors log files, log directories changes and forward log lines to different target Systems like Logstash, Kafka ,elasticsearch or files etc.

Filebeat work like tail command in Unix/Linux.

Latest Filebeat Version :   5.3

Why Filebeat ?

  • Lightweight agent for shipping logs.
  • Forward and centralize files and logs.
  • Robust (Not miss a single beat)

How Filebeat Work?

Filebeat starts prospectors to locate corresponding to each log file path mentioned in filebeat configuration file. Filebeat start a periodic harvester, which identify changes on file based on inode value, do tail to read change logs and send it to spooler to aggregate it. Processors (If configure) will perform different operation based on condition in spooler. Spooler send this aggregated data to target Systems like Logstash, Kafka, Elasticsearch or files etc.

filebeatflow.png

Filebeat Architeture

Filebeat Download Link: Filebeat Download

Integration

Complete Integration Example Filebeat, Kafka, Logstash, Elasticsearch and Kibana

Read More

To read more on Filebeat topics, sample configuration files and integration with other systems with example follow link Filebeat Tutorial  and  Filebeat Issues.

Leave you feedback to enhance more on this topic so that make it more helpful for others.

About Saurabh Gupta

My Name is Saurabh Gupta, I have approx. 10 Year of experience in Information Technology World manly in Java/J2EE. During this time I have worked with multiple organization with different client, so many technology, frameworks etc.
This entry was posted in Elasticsearch, Filebeat, Kafka, Logstash and tagged , , , . Bookmark the permalink.