We will start with Introduction to Filebeat and then end post with installing filebeat.
Filebeat is a light-weight log shipper. It is installed as a agent and listen to your predefined set of log files and locations and forward them to your choice of sink (Logstash, Elasticsearch, database etc.).
You can install Filebeat with deb, rpm, mac, docker and windows. We will look into each one of them in detail below.
deb
curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.3.2-amd64.deb
sudo dpkg -i filebeat-6.3.2-amd64.debrpm
curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.3.2-x86_64.rpm
sudo rpm -vi filebeat-6.3.2-x86_64.rpmmac
curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.3.2-darwin-x86_64.tar.gz
tar xzvf filebeat-6.3.2-darwin-x86_64.tar.gzdocker
docker pull docker.elastic.co/beats/filebeat:6.3.2Windows Download the filebeat from official website and do the following configurations.
- Extract the zip file to your choice of location. e.g.
C:\Program Files.- Rename the
filebeat--windowsdirectory toFilebeat.- Open a PowerShell prompt as an Administrator (right-click the PowerShell icon and select Run As Administrator).
- From the PowerShell prompt, run the following commands to install Filebeat as a Windows service:
// Command to execute from powershell
cd 'C:\Program Files\Filebeat'
.\install-service-filebeat.ps1