Fluent Bit – Sending Logs to ELK with Fluent Bit

Fluent Bit is a lightweight, high-performance log processor & forwarder, suitable for distributed systems, containers like Kubernetes, or resource-constrained environments.

Prepare Fluent-Bit: https://docs.fluentbit.io/manual/installation/windows#installing-from-exe-installer

Next we will update the fluent-bit.conf, need to know the 3 main sections we will focus on.

  • [INPUT]: Specifies where logs are collected from; in our case, it will be collected from the sample logs file we have created.

  • [OUTPUT]: Specifies where logs should be sent; we want to forward them to Elasticsearch.

  • [PARSER]: Defines how logs should be structured using regex; we have updated the parser.conf file so there is no need to change it.

This configuration is for Fluent Bit to read logs from a file (C:/Users/Admin/Downloads/demo.log) and forward them to an Elasticsearch instance.

For the OUTPUT:

  • name es: The es output plugin sends logs to Elasticsearch.

  • Host 192.168.35.135: The IP address or hostname of the Elasticsearch server.

  • Port 9200: The port where Elasticsearch is listening (default is 9200).

  • tls on: Enables TLS/SSL encryption for communication with Elasticsearch.

  • tls.verify off: Disables certificate verification.

  • Trace_Output on: Enables verbose logging for debugging purposes.

Now, let's run Fluent Bit:

& 'C:\Program Files\fluent-bit\bin\fluent-bit.exe' -c 'C:\Program Files\fluent-bit\conf\fluent-bit.conf'

Let's confirm whether the logs are successfully being forwarded to ELK.

PreviousConfigure Elasticsearch and Kibana setup in ubuntuNextWinlogbeat – Collecting and Forwarding Windows Event Logs.

Last updated

Was this helpful?