vpack/filebeat.md

Last active January 20, 2016 20:34

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/vpack/d38efde6092a5c1dc529.js"></script>
Save vpack/d38efde6092a5c1dc529 to your computer and use it in GitHub Desktop.

Download ZIP

Filebeat testing

Raw

filebeat.md

filebeatTest.sh

CONF="/tmp/f.yml"
cat << EOF >> $CONF
filebeat:
  registry_file: "/var/lib/filebeat/registry"
  prospectors:
    - 
      paths:
        - /var/log/my.log
      type: log
      fields:
        type: system_logs
logging:
  level: debug
  to_files: true
  to_syslog: false
  files:
    path: /var/log/mybeat
    name: mybeat.log
    keepfiles: 7
output:
  console:
    pretty: true
  logstash:
    hosts:
    - localhost:5044
   file:
    path: "/tmp/filebeat"
    filename: filebeat
    rotate_every_kb: 1000
    number_of_files: 7
EOF

filebeat -c $CONF -e -d "publish"

Use either console or file.

Another session:

$ cat p.py
for i in range(1,10000):
  for j in range(i,10000):
    print "Message # %s,%s" % (str(i),str(j))

$ python p.py > /var/log/my.log

Raw

test2.md

###Logstash

$ cat /etc/logstash/conf.d/beats.conf 
input {
    beats {
      port => 5043
    }
  }
output {
    stdout { codec => rubydebug }
    s3 { 
       bucket => "schl.sharedservicessandbox.logstash.logs" 
       time_file => 5
    }
    file {
        path => "/tmp/vpack.log"
    }
}

FileBeat


$ cat /etc/filebeat/filebeat.yml
filebeat:
  registry_file: "/var/lib/filebeat/registry"
  prospectors:
    - 
      paths:
        - /var/log/messages
      type: log
      fields:
        type: system_logs
logging:
  level: debug
  to_files: true
  to_syslog: false
  files:
    path: /var/log/mybeat
    name: mybeat.log
    keepfiles: 7
output:
  console:
    pretty: true
  logstash:
    hosts:
    - localhost:5043
  


#screen #1
filebeat  -e -d "publish"
#Screen #2
service logstash stop
service logstash start
tail -f /tmp/vpack.log