Sending logs to opensearch via filebeat

blason · September 3, 2024, 5:53am

Hi Team,

I have been using logstash to ingest the logs to opensearch from my linux DNS server, now my requirement is I wanted to ingest the logs via filebeat → logstash → opensearch.

Unfortunately that is not working and I really appreciate if someone can help me on this?

These are my settings and let me know if I am doing anything wrong?

filebeat.inputs:
- type: log
  enabled: true
  paths:
    - /var/lib/bind/rpz.log
    - /var/lib/bind/queries.log

And logstash here is the settings

input {
  beats {
    port => 5044
  }
}
output {
        opensearch {
        hosts => ["https://127.0.0.1:16577"]
        user => admin
        password => admin
        ssl => true
        ssl_certificate_verification => false
        index => "%{[@metadata][beat]}-%{[@metadata][version]}"
                }
        }

reshippie · September 3, 2024, 9:42pm

Do you have output.logstash configured in your filebeat.yml file?
Something along the lines of:

output.logstash:
  hosts:
    logstash.example.com:5044

system · November 2, 2024, 9:42pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Take data from filebeat to opensearch to see all in opensearch-dashboards OpenSearch	5	4607	May 9, 2023
Unable to send data from packetbeat OSS through logstash OpenSearch troubleshoot	8	434	March 14, 2023
Filebeat 7.17 not connecting to OpenSearch OpenSearch	4	715	October 6, 2023
Logstash pipeline with Auditbeat and Filebeat Open Source Elasticsearch and Kibana configure , install	6	651	May 25, 2024
Logstash to Logstash configuration OpenSearch feature-request	7	521	December 19, 2023

Sending logs to opensearch via filebeat

Related topics