How to use the Filebeat Add-in

About using Filebeat

Filebeat is an open source file harvester, used to fetch log files and feed them into Logstash, and this add-in makes it easy to add across your servers.

Add Filebeat to your stack

To add Filebeat, access the add-ins menu of your stack and click Filebeat under the External Addins category.

We’ll ask you for your ELK stack endpoint - if you don’t have one, you can deploy one using this public Git repository.

An ELK stack consists of Elasticsearch, Logstash, and Kibana. Logstash is an open source tool for collecting, parsing, and storing logs for future use. Kibana is a web interface that can be used to search and view the logs that Logstash has indexed. Both of these tools are based on Elasticsearch, which is used for storing logs

After the add-in is installed on your server(s) and configured and some logs are send to the ELK stack, go to your ELK stack address and you should be able to see them in the Kibana. One last thing to do is to: go to Settings > Indices tab, search for filebeat-* and add a new index template by clicking on Create.

If no logs are coming in, make sure that port 5044 is open on your ELK stack and is receiving connections!