What is the use of FileBeat while parsing logs in Elasticsearch
Question
我没有理解为什么在有logstash时为什么需要文件拍的概念。
2 answers
solution1
0 ACCPTED 2018-10-26 19:28:09
With filebeat you are able to collect and forward logfiles from one or many remote servers. There is also a option to add source specific fields to your log entries.
You have several output options like elasticsearch or logstash for further analysis/filtering/modification.
Just imagine 20 or 200 machines running services like databases, webservers, hosting applications and containers. And now you need to collect all the logs...
only with logstash you'll be pretty limited in this scenario
solution2
0 2018-10-26 23:44:33
Beats are light-weight agents used primarily for forwarding events from multiple sources. Beats have a small footprint and use fewer system resources than Logstash.
Logstash has a larger footprint, but provides a broad array of input, filter, and output plugins for collecting, enriching, and transforming data from a variety of sources.
Please note though that filebeat is also capable of parsing for most use cases using Ingest Node as described here .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.