Starting in version 7.16, this experimental functionality has been removed. You should use the journald input in Filebeat instead.
Elastic Docs› Journalbeat Reference [7.15]
« journalbeat.reference.yml Load the Elasticsearch index template »

How to guidesedit

Learn how to perform common Journalbeat configuration tasks.

  • Load the Elasticsearch index template
  • Change the index name
  • Enrich events with geoIP information
  • Use environment variables in the configuration
  • Parse data by using ingest node
  • Avoid YAML formatting problems
« journalbeat.reference.yml Load the Elasticsearch index template »

Most Popular

Video

Get Started with Elasticsearch

Video

Intro to Kibana

Video

ELK for Logs & Metrics