连接filebeat到elasticsearch

时间:2019-05-22 00:37:36

标签: elasticsearch kibana filebeat

我整天都在面对这个问题,我不明白自己在做什么错。我是一个初学者,我遵循了有关如何在Filebeat,elasticsearch和kibana之间进行完整设置的教程。 Filebeat继续无法从日志连接到elasticsearch。下面是我的代码

filebeat.inputs:
  - type: log
  enabled: true
  paths:    
    - C:\ProgramData\Elastic\Elasticsearch\logs\*.log

filebeat.config.modules:
  path: ${path.config}/modules.d/*.yml
  reload.enabled: false

setup.template.settings:
  index.number_of_shards: 1


setup.kibana:

output.elasticsearch:
  hosts: ["localhost:9200"]

processors:
  - add_host_metadata: ~
  - add_cloud_metadata: ~

这是日志

2019-05-22T02:28:02.352+0200    ERROR   pipeline/output.go:100  Failed to connect to backoff(elasticsearch(http://localhost:9200)): Connection marked as failed because the onConnect callback failed: This Beat requires the default distribution of Elasticsearch. Please upgrade to the default distribution of Elasticsearch from elastic.co, or downgrade to the oss-only distribution of beats
2019-05-22T02:28:02.352+0200    INFO    pipeline/output.go:93   Attempting to reconnect to backoff(elasticsearch(http://localhost:9200)) with 62 reconnect attempt(s)
2019-05-22T02:28:02.355+0200    INFO    elasticsearch/client.go:734 Attempting to connect to Elasticsearch version 5.5.0
2019-05-22T02:28:15.560+0200    INFO    [monitoring]    log/log.go:144  Non-zero metrics in the last 30s    {"monitoring": {"metrics": {"beat":{"cpu":{"system":{"ticks":3781,"time":{"ms":62}},"total":{"ticks":6640,"time":{"ms":94},"value":6640},"user":{"ticks":2859,"time":{"ms":32}}},"handles":{"open":303},"info":{"ephemeral_id":"09bb9e79-0c2c-40fd-8a89-5098d60f3374","uptime":{"ms":2521080}},"memstats":{"gc_next":4259632,"memory_alloc":2907056,"memory_total":24455264,"rss":-8192}},"filebeat":{"harvester":{"open_files":0,"running":0}},"libbeat":{"config":{"module":{"running":0}},"output":{"read":{"bytes":673},"write":{"bytes":260}},"pipeline":{"clients":1,"events":{"active":28,"retry":28}}},"registrar":{"states":{"current":5}}}}}

1 个答案:

答案 0 :(得分:0)

错误消息很清楚

  

无法连接到退避(elasticsearch(http://localhost:9200)):由于onConnect回调失败,连接标记为失败:此Beat需要使用默认的Elasticsearch分发。请从elastic.co升级到Elasticsearch的默认发行版,或降级为节拍的仅适用于OSS发行版

似乎您的Filebeat版本和Elasticsearch版本之间不匹配。您已安装filebeat-oss,并尝试与licensed Elasticsearch进行交互。

因此,从理论上讲,您有两种选择:

  1. 您可以安装licensed Filebeat并保持Elasticsearch不变
  2. 您可以降级为elasticsearch-oss,并保持Filebeat不变

但是,按照我的看法,由于您使用的是Elasticsearch 5.5.0(旧版本),因此唯一的选择是安装Filebeat 5.6.16

相关问题
最新问题