Installing Filebeat on Centos 8

Filebeat is a client for transferring logs to logstash. Works in conjunction with ELK stack

Installing Filebeat from the repository

We import the PGP Key to further add the Elasticsearch repository

$ rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

Add the repository

$ sudo nano /etc/yum.repos.d/kibana.repo
[elasticsearch]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

Install Filebeat

$ sudo dnf -y install filebeat

Add a module that will check local system logs

$ sudo filebeat modules enable system

Launch the Filebeat setup

$ sudo filebeat setup

The system will do some work by scanning your system and connecting to the Kibana dashboard

Add Filebeat service to startup and start it

$ sudo systemctl enable --now filebeat

Checking if the service has started

$ systemctl status filebeat

Installing Filebeat from an RPM Package

Download the Filebeat package and install it

$ wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.9.3-x86_64.rpm -P /tmp
$ cd /tmp
$ sudo dnf -y localinstall filebeat-7.9.3-x86_64.rpm

Add Filebeat service to startup and start it

$ sudo systemctl enable --now filebeat

Checking if the service has started

$ sudo systemctl status filebeat
Sidebar