-ELK is running on localhost & successfully getting logs.
-Both VM's are on same server.
-OS on both VM'S is Ubuntu 18-04 LTS.
Asked
Active
Viewed 86 times
0
-
Did you setup filebeat on the client? I don't think you did the complete setup. – Mark Scheck Oct 23 '20 at 10:16
-
yes i have configured filebeat on client vm. what i need to do in filebeat.yml in order to sends its logs to elk-server VM? – Baqir kazmi Oct 23 '20 at 11:12
-
Not a fun thing, but follow all these steps and it should work, https://www.howtoforge.com/tutorial/how-to-setup-elk-logstash-as-centralized-log-management-server/ – Mark Scheck Oct 23 '20 at 11:15
1 Answers
0
I have a testing environment for my ELK stack build in Vagrant. I avoid the service-discovery problem by using static IP addresses for the VMs and configuring those as part of the Logstash/Filebeat config. If you are doing:
Filebeat --> [network] --> Logstash (beats {} input) --> Elasticsearch
Make sure the beats {} input is listening on something other than localhost.
If you are doing:
Filebeat --> [network] --> Elasticsearch
You will need to set up elasticsearch.yml to listen on the VM's interface rather than localhost.
sysadmin1138
- 131,083
- 18
- 173
- 296