Documentation

Filebeat Integration

Alooma supports Elasticsearch's beats protocol to receive events. Using Filebeat, it is possible to send events to Alooma from backend log files in a few easy steps.

  1. Log in to your Alooma account and add a "Server Logs" input from the Plumbing page.

  2. Give your input a name, and click Next.

  3. Copy the generated token.

  4. Download and install Filebeat.

  5. Configure Filebeat according to the example configuration below, making sure to use the token from step 3:

    Copy
    filebeat: 
      prospectors:
        - 
          # Paths that should be crawled and fetched. Glob based paths. 
          # To fetch all ".log" files from a specific level of subdirectories 
          # /var/log/*/*.log can be used. 
          # For each file found under this path, a harvester is started. 
          # Make sure no file is defined twice as this can lead to unexpected behavior. 
          paths: 
            - "/var/log/*.log" 
    
          fields: 
            # The token you receive when creating a new Filebeat input in the Alooma UI 
            token: "<YOUR_TOKEN>" 
          fields_under_root: true 
          input_type: log 
    
    output: 
      logstash: 
        hosts: ["inputs.alooma.com:5044"] 
        ssl:
          enabled: true 

    You can further customize your Filebeat client by following the example configuration file in Filebeat's GitHub repository.

  6. Run Filebeat: filebeat -c filebeat.yml

That's it, you're ready to send events to Alooma. Enjoy!

Search results

    No results found