Alpine: Installing Filebeat

Bailey Kasin Alpine, ELK, Linux March 29, 2019

Filebeat is the tool used to forward logs from a client to an ELK server. It can be seen as equivalent to using rsyslog to forward to a syslog server.

I’ve recently finished setting up an ELK server at Rob and I’s apartment, and have been setting VM’s that we run to forward their logs to the server. Last night I got to the Alpine systems we run, which lead a slightly annoying discovery: the filebeat package has not yet made it out of the edge repos.

Thankfully, this is a simple fix. Just uncomment the line that looks like this in /etc/apk/repositories:

http://dl-cdn.alpinelinux.org/alpine/edge/testing

Then run:

apk update
apk add filebeat

Then comment out the line for testing repos and do apk update again, otherwise half your system will move to testing. Now you are able to configure filebeat and use it as normal.

Tags: Alpine, apk, elk, filebeat, Linux, logging

About: Bailey Kasin

I build virtual environments and challenges for Cybersecurity students to complete as a way to gain experience before graduating and entering the workforce.

Alpine: Installing Filebeat

About: Bailey Kasin

Leave a Reply Cancel reply