Shipping Log Data


Course Summary

Before you can analyze your logs, you need to get them into Elasticsearch. This course will teach you how to set up and ship data with Filebeat, a light-weight data shipper that can tail multiple files at once and ship the data to your Elasticsearch cluster. In addition to shipping file data like logs, Filebeat can also tag data, parse multi-line log entries, and use conditionals to make decisions about what to do with each log line. This class covers these topics and more, including building resiliency and monitoring Filebeat. After completing this course, you will be able to easily tail and ship your logs to Elasticsearch with Filebeat. 

  • Introduction to Filebeat
  • Filebeat Architecture
  • Filebeat Modules and Outputs
  • Resilience and Recovery
  • Monitoring Filebeat
  • Multi-Line Processing

Course Details

This course is a module of the Logging specialization. Find out how our focused Training Specializations can help you with your use case.

Software Developers and Engineers, Data Architects, System Administrators, DevOps

2-3 hours

We recommend you have taken Elasticsearch Engineer I and Elasticsearch Engineer II or possess equivalent knowledge. Engineer I and Engineer II teach the concepts that are the foundation upon which all specializations are built.

  • Stable internet connection
  • Mac, Linux, or Windows
  • Latest version of Chrome or Firefox (Safari is not 100% supported)
  • Due to virtual classroom JavaScript requirements, we recommend that you disable any ad-blockers and restart your browser before class.

It was awesome. Both instructors are great speakers. They have a wide and deep knowledge about the topic, and they know how to pass it on. They are infecting with their enthusiasm.

Mariusz Kuskowski | Allegro Group