- Journalbeat Reference for 6.5-7.15:
- Overview
- Getting started with Journalbeat
- Setting up and running Journalbeat
- Configuring Journalbeat
- Configure inputs
- Specify general settings
- Configure the internal queue
- Configure the output
- Set up index lifecycle management
- Specify SSL settings
- Filter and enhance the exported data
- Parse data by using ingest node
- Set up project paths
- Set up the Kibana endpoint
- Load the Elasticsearch index template
- Configure logging
- Use environment variables in the configuration
- YAML tips and gotchas
- Regular expression support
- HTTP Endpoint
- journalbeat.reference.yml
- Exported fields
- Monitoring Journalbeat
- Securing Journalbeat
- Troubleshooting
This functionality is experimental and may be changed or removed completely in a
future release. Elastic will take a best effort approach to fix any issues, but
experimental features are not subject to the support SLA of official GA
features.
Journalbeat features that require authorization
editJournalbeat features that require authorization
editAfter securing Journalbeat, make sure your users have the roles (or associated privileges) required to use these Journalbeat features. Note that some of the roles shown here are built-in, and some are user-defined.
| Feature | Role |
|---|---|
Send data to a secured cluster |
|
Load index templates |
|
Read indices created by Journalbeat |
|
Load index lifecycle policies and use index lifecycle management |
|
To create the user-defined roles shown here, see Configure authentication credentials and Grant users access to Journalbeat indices. You may want to define additional roles to provide more restrictive access.
[1] These roles are user-defined.
Was this helpful?
Thank you for your feedback.