Log in to your Alooma account and add a "Server Logs" input.
Give your input a label (name), and copy the generated token.
Configure Filebeat according to the example configuration below, making sure to use the token from step 2:
filebeat: prospectors: - # Paths that should be crawled and fetched. Glob based paths. # To fetch all ".log" files from a specific level of subdirectories # /var/log/*/*.log can be used. # For each file found under this path, a harvester is started. # Make sure no file is defined twice as this can lead to unexpected behavior. paths: - "/var/log/*.log" fields: # The token you receive when creating a new Filebeat input in the Alooma UI token: "<YOUR_TOKEN>" fields_under_root: true input_type: log output: logstash: hosts: ["inputs.alooma.com:5044"] ssl: enabled: true
You can further customize your Filebeat client by following the example configuration file in Filebeat's GitHub repository.
filebeat -c filebeat.yml
That's it, you're ready to send events to Alooma. Enjoy!