I'm new to ELK and I'm getting issues while running Logstash. I ran Logstash as described in the link below: https://www.elastic.co/guide/en/logstash/current/advanced-pipeline.html
But when I run Filebeat and Logstash, it shows that Logstash runs successfully on port 9600. Filebeat gives this:
INFO No non-zero metrics in the last 30s
Logstash is not getting input from Filebeat. Please help.
The filebeat.yml is:
filebeat.prospectors:
- input_type: log
  paths:
    - /path/to/file/logstash-tutorial.log
output.logstash:
  hosts: ["localhost:5043"]
and I ran this command: sudo ./filebeat -e -c filebeat.yml -d "publish"
The config file is:
input {
    beats {
        port => "5043"
    }
}
output {
    stdout { codec => rubydebug }
}
Then I ran the commands:
1) bin/logstash -f first-pipeline.conf --config.test_and_exit - this gave warnings
2) bin/logstash -f first-pipeline.conf --config.reload.automatic - this started Logstash on port 9600
I couldn't proceed after this since Filebeat gives the INFO message:
INFO No non-zero metrics in the last 30s
And the ELK version used is 5.1.2
The registry file stores the state and location information that Filebeat uses to track where it was last reading.
So you can try updating or deleting the registry file. See here:
cd /var/lib/filebeat
sudo mv registry registry.bak
sudo service filebeat restart
I have also faced this issue and I solved it with the above commands.
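
Added example (not part of the original question or answer): a Python check that reads the registry before it is moved aside and compares each stored offset with the file's current size, so you can see whether Filebeat is idle because it already read the file to the end. It assumes the Filebeat 5.x registry is a JSON array whose entries carry "source" and "offset"; registry_status, demo and the sample data are constructed for illustration.

```python
import json
import os
import tempfile


def registry_status(registry_path):
    """Classify each file tracked in a Filebeat 5.x registry by read progress."""
    with open(registry_path, encoding="utf-8") as fh:
        entries = json.load(fh)  # assumed layout: JSON array of per-file states
    report = []
    for entry in entries:
        source, offset = entry["source"], entry["offset"]
        try:
            size = os.path.getsize(source)
        except OSError:
            report.append((source, offset, None, "missing"))
            continue
        if offset == size:
            state = "fully-read"  # nothing to publish until the file grows
        elif offset > size:
            state = "truncated"   # file is shorter than the stored offset
        else:
            state = "pending"     # unread bytes remain, so check the output side
        report.append((source, offset, size, state))
    return report


def demo(read_offset=None):
    """Build a constructed log file and registry; read_offset=None means 'at EOF'."""
    tmp = tempfile.mkdtemp()
    log_path = os.path.join(tmp, "logstash-tutorial.log")
    with open(log_path, "w", encoding="utf-8") as fh:
        fh.write("constructed sample line 1\nconstructed sample line 2\n")
    size = os.path.getsize(log_path)
    registry = [  # constructed entries, reduced to the two fields used above
        {"source": log_path, "offset": size if read_offset is None else read_offset},
        {"source": os.path.join(tmp, "rotated.log"), "offset": 10},
    ]
    reg_path = os.path.join(tmp, "registry")
    with open(reg_path, "w", encoding="utf-8") as fh:
        json.dump(registry, fh)
    return registry_status(reg_path)


if __name__ == "__main__":
    for source, offset, size, state in demo():
        print(f"{state:10} offset={offset} size={size} {source}")
```

On a real host, call registry_status("/var/lib/filebeat/registry") with enough privileges to read that file. A "fully-read" entry means moving the registry aside will make Filebeat ship that file again from the start, so expect duplicate events downstream.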