Interconnecting Elasticsearch with Beats (Metricbeat)

Scenario

Metricbeat periodically collects operating system and server running metrics (including CPU, memory, hard disk, I/O read/write speed, and process). Metricbeat can send the collected indicators and data to a specified output, for example, Elasticsearch, to achieve server monitoring.

The basic authentication is used for Elasticsearch to connect Metricbeat, which is insecure. You are advised to use the client tool esClient.sh to encrypt the password.
The Arm version is not supported.

Prerequisites

Metricbeat has been downloaded and installed.

Download the Metricbeat 7.10.2 installation package.
1. Download the Metricbeat installation package metricbeat-oss-7.10.2-linux-x86_64.tar.gz and upload it to the node to be installed, for example, /opt.
  Open-source community website: https://www.elastic.co/cn/downloads/past-releases/metricbeat-oss-7-10-2
2. Run the following commands to decompress the installation package and go to the directory of that package:
  cd /opt
  
  tar -xvf metricbeat-oss-7.10.2-linux-x86_64.tar.gz
  
  cd metricbeat-7.10.2-linux-x86_64/
Download the Metricbeat 6.6.2 installation package.
1. Download the Metricbeat installation package metricbeat-oss-6.6.2-linux-x86_64.tar.gz and upload it to the node to be installed, for example, /opt.
  Open-source community website: https://www.elastic.co/downloads/past-releases/metricbeat-oss-6-6-2.
2. Run the following commands to decompress the installation package and go to the directory of that package:
  cd /opt
  
  tar -xvf metricbeat-oss-6.6.2-linux-x86_64.tar.gz
  
  cd metricbeat-6.6.2-linux-x86_64/

Procedure

Configure the metricbeat.yml file. The following is an example:

metricbeat.config.modules:
  # Glob pattern for configuration loading
  path: ${path.config}/modules.d/*.yml
 
  # Set to true to enable config reloading
  reload.enabled: false
 
setup.template.settings:
  index.number_of_shards: 3               // Set the number of primary shards of the index.
  index.number_of_replicas: 1              // Set the number of replica shards of the index.
  index.codec: best_compression
  #_source.enabled: false
 
# Enable automatic index template generation.
setup.template.enabled: true
# Configuration file for generating the index template
setup.template.fields: fields.yml
# Name of the generated index template
setup.template.name: metricbeat_template
# Index format of the generated index template
setup.template.pattern: metricbeat*
 
output.elasticsearch:
  # Array of hosts to connect to.
  hosts: ["IP:Httpport"]
  index: metricbeat                           //Set the index name.
 
  # Optional protocol and basic auth credentials.
  protocol: "https"
  username: "usename"
  password: "password"                       // Enter the encrypted password.
  ssl.verification_mode: none               //Disable the Elasticsearch server certificate verification for Merticbeat.

The key configuration parameters are described as follows:

hosts: indicates the HTTP IP address and port number for connection.
index: indicates the index name.
protocol: indicates HTTPS in the security mode.
username: user who has the specified Elasticsearch operation permissions. For details about how to set Elasticsearch user permissions, see Elasticsearch Authentication Mode.
password: indicates the user password encrypted using the esClient.sh tool.
ssl.verification_mode: If this parameter is set to none, Metricbeat does not verify the Elasticsearch server certificate.
In normal mode, you do not need to set protocol, username, password, or ssl.verification_mode.
Before setting password, run the esClient.sh encrypt command to encrypt the password.

Run the following command to start Metricbeat:
- Use Metricbeat 7.10.2 to run the following commands:
  cd /opt/metricbeat-7.10.2-linux-x86_64/
  
  ./metricbeat -e -c metricbeat.yml
- Use Metricbeat 6.6.2 to run the following commands:
  cd /opt/metricbeat-6.6.2-linux-x86_64/
  
  ./metricbeat -e -c metricbeat.yml
Run the following command to query and verify the Elasticsearch index data that is written:

curl -XGET --tlsv1.2 --negotiate -k -u : "https://ip:httpport/metricbeat/_search?pretty"

Parent topic: Using Basic Authentication to Connect to Other Components

Previous topic: Interconnecting Elasticsearch with Beats (Filebeat)

Next topic: Connecting Elasticsearch to Kibana

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot