Filebeat Latest Version : 6.2.4
Filebeat Download Link : https://www.elastic.co/downloads/beats/filebeat
Download filebeat from above link according to your Operating System and copy to directory where you want to install.
Installation on Linux : Go to directory where tar file was copied and use below command to install it.
tar –zxvf filebeat--linux-x86.tar.gz
Installation on Windows: Go to directory where zip file was copied and unzip file.
unzip file filebeat--window-xxx.zip file
Before Test and Run filebeat installation need to make below configuration changes in filbeat.yml file for prospectors,Output ,logging etc. Prospectors changes are required rest of changes optional and decide based on application requirements.
Optional Change : Based on your Application Requirement
- Filebeat Configuration Changes for Multiline Logs Handling like stacktrace, Objects, XML, JSON etc.
- Filebeat Configuration Changes for Elasticsearch Output
- Filebeat Configuration Changes for Logstash Output
- Filebeat Configuration Changes for Kafka Output
- Filebeat Configuration Changes for Logging
- Filebeat Commandline Arguments setting in configuration file
Run/Start Filebeat On Linux:
./filebeat -e -c filebeat.yml -d "publish"
For running filebeat in background add “screen –d –m” as given below:
screen -d -m ./filebeat -e -c filebeat.yml -d "publish"
For Logging filebeat output to log file remove –e option from command as given below and follow link Filebeat Configuration Changes for Logging for more info.
./filebeat -c filebeat.yml -d "publish" screen -d -m ./filebeat -c filebeat.yml -d "publish"
Filebeat 5 added new features of passing command line arguments while start filebeat. This is really helpful because no change required in filebeat.yml configuration file specifics to servers and and pass server specific information over command line. If in future your servers scaling and changes in output port and machine IP for elasticsearch or kafka or logstash. Then configuration team need to update only command line arguments for specific information and no change in configuration file.
Run/Start Filebeat with command line Arguments in Forground:
./filebeat -c filebeat.yml -d publish -E server= -E file=app1.log -E tz=CDT -E kafkaHost=IP:PORT
Run In Background :
screen –d –m ./filebeat -c filebeat.yml -d publish -E server= -E file=app1.log -E tz=CDT -E kafkaHost=IP:PORT
Here -E option represents argument values are passing from command line will set in respective position in filebeat.yml configuration file. Follow link Filebeat Commandline Arguments setting in configuration file .
To read more on Filebeat topics, sample configuration files and integration with other systems with example follow link Filebeat Tutorial and Filebeat Issues. To know more about YAML/YML follow YAML Tutorials
Leave you feedback to enhance more on this topic so that make it more helpful for others.