This topic uses Filebeat as an example to describe how to install and manage a Beats data shipper. A shipper can collect the data of your Elastic Compute Service (ECS) instance, which includes log files, network data, and server metrics. The shipper then sends the data to Alibaba Cloud Elasticsearch or Logstash for further processing, such as monitoring and analytics.
Prerequisites
- An Alibaba Cloud Elasticsearch cluster is created.
For more information, see Create an Alibaba Cloud Elasticsearch cluster.
- The Auto Indexing feature is enabled for the Elasticsearch cluster.
For security purposes, Alibaba Cloud Elasticsearch disables the Auto Indexing feature by default. However, Beats depends on this feature. If you select Elasticsearch for Output when you create a shipper, you must enable the Auto Indexing feature. For more information, see Enable the Auto Indexing feature.
- An Alibaba Cloud ECS instance is created in the same virtual private cloud (VPC) as
the Alibaba Cloud Elasticsearch cluster.
For more information, see Create an instance by using the wizard.
Notice- The default installation directory of Beats is /opt/aliyunbeats/. After you install Beats, the conf, logs, and data directories are generated on the ECS instance. The conf directory contains the configuration file. The logs directory contains the Beats log file. The data directory contains the Beats data file. We recommend that you do not delete or modify the content of these files. Otherwise, errors may occur or data may be altered. If an error occurs, you can view the Beats logs in the logs directory to locate the error.
- Beats is available for only Aliyun Linux, Red Hat Enterprise Linux (RHEL), and CentOS.
- Cloud Assistant and Docker are installed on the ECS instance.
For more information, see Install the Cloud Assistant client and Deploy and use Docker.