filebeat配置文件
filebeat.config:
modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: false
filebeat.inputs:
- type: syslog
format: auto
protocol.tcp:
host: "0.0.0.0:1514"
- type: syslog
format: auto
protocol.udp:
host: "0.0.0.0:1514"
docker启动filebeat
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /etc/timezone:/etc/timezone:ro \
--net host \
--restart=always \
--name=filebeat-syslog \
-v /home/{username}/filebeat/filebeat.docker.yml:/usr/share/filebeat/filebeat.yml:ro \
docker.elastic.co/beats/filebeat:7.17.15 filebeat
调整syslog配置往filebeat推送日志
*.* @@127.0.0.1:514
浙公网安备 33010602011771号