Hello,

We would like to switch from Splunk to ELK and it is not clear if the Filebeat version that is offered in the AIX toolbox is compatible with the latest Elastic Search version (8.4).  According to the Support Matrix Filebeat 7.5.2 is not supported by Elastic Search 8.4.

Has anyone had any experience with Filebeat in AIX or can point us to the right direction?




------------------------------
KONSTANTINOS STERGIOPOULOS
------------------------------

#AIXOpenSource

Hello Konstantinos,

we are using ELK with the Toolbox Filebeat version and it works great...

------------------------------
Joerg Kauke
Unix Administrator
COOP Switzerland
------------------------------

Original Message:
Sent: Fri September 09, 2022 04:34 AM
From: KONSTANTINOS STERGIOPOULOS
Subject: Moving from Splunk to ELK using Filebeat

Hello,

We would like to switch from Splunk to ELK and it is not clear if the Filebeat version that is offered in the AIX toolbox is compatible with the latest Elastic Search version (8.4).  According to the Support Matrix Filebeat 7.5.2 is not supported by Elastic Search 8.4.

Has anyone had any experience with Filebeat in AIX or can point us to the right direction?




------------------------------
KONSTANTINOS STERGIOPOULOS
------------------------------

#AIXOpenSource

Hey, thanks for replying!

If you don't mind me asking, which version of Filebeat are you using with which version of Elasticsearch?

------------------------------
KONSTANTINOS STERGIOPOULOS
------------------------------

Original Message:
Sent: Mon September 12, 2022 03:32 AM
From: Joerg Kauke
Subject: Moving from Splunk to ELK using Filebeat

Hello Konstantinos,

we are using ELK with the Toolbox Filebeat version and it works great...

------------------------------
Joerg Kauke
Unix Administrator
COOP Switzerland

Original Message:
Sent: Fri September 09, 2022 04:34 AM
From: KONSTANTINOS STERGIOPOULOS
Subject: Moving from Splunk to ELK using Filebeat

Hello,

We would like to switch from Splunk to ELK and it is not clear if the Filebeat version that is offered in the AIX toolbox is compatible with the latest Elastic Search version (8.4).  According to the Support Matrix Filebeat 7.5.2 is not supported by Elastic Search 8.4.

Has anyone had any experience with Filebeat in AIX or can point us to the right direction?




------------------------------
KONSTANTINOS STERGIOPOULOS
------------------------------

#AIXOpenSource

Hello Konstantinos,

the version we are using is filebeat-7.5.2-1 & metricbeat-7.5.2-1.
Our actual ELK in running on Version 7.17.1 but we are just on the way to and Version 8.

------------------------------
Joerg Kauke
Unix Administrator
COOP Switzerland
------------------------------

Original Message:
Sent: Mon September 12, 2022 06:55 AM
From: KONSTANTINOS STERGIOPOULOS
Subject: Moving from Splunk to ELK using Filebeat

Hey, thanks for replying!

If you don't mind me asking, which version of Filebeat are you using with which version of Elasticsearch?

------------------------------
KONSTANTINOS STERGIOPOULOS

Original Message:
Sent: Mon September 12, 2022 03:32 AM
From: Joerg Kauke
Subject: Moving from Splunk to ELK using Filebeat

Hello Konstantinos,

we are using ELK with the Toolbox Filebeat version and it works great...

------------------------------
Joerg Kauke
Unix Administrator
COOP Switzerland

Original Message:
Sent: Fri September 09, 2022 04:34 AM
From: KONSTANTINOS STERGIOPOULOS
Subject: Moving from Splunk to ELK using Filebeat

Hello,

We would like to switch from Splunk to ELK and it is not clear if the Filebeat version that is offered in the AIX toolbox is compatible with the latest Elastic Search version (8.4).  According to the Support Matrix Filebeat 7.5.2 is not supported by Elastic Search 8.4.

Has anyone had any experience with Filebeat in AIX or can point us to the right direction?




------------------------------
KONSTANTINOS STERGIOPOULOS
------------------------------

#AIXOpenSource

Konstantinos, I would like to hear why you are switching from Splunk to ELK, in the first place. I am unfamiliar with the details of Splunk, but I know it has a history of "on again off again" at my current enterprise. So apparently there are significant issues with Splunk! I'd like to better understand what those issues are.

------------------------------
Mackey Morgan
------------------------------

Original Message:
Sent: Fri September 09, 2022 04:34 AM
From: KONSTANTINOS STERGIOPOULOS
Subject: Moving from Splunk to ELK using Filebeat

Hello,

We would like to switch from Splunk to ELK and it is not clear if the Filebeat version that is offered in the AIX toolbox is compatible with the latest Elastic Search version (8.4).  According to the Support Matrix Filebeat 7.5.2 is not supported by Elastic Search 8.4.

Has anyone had any experience with Filebeat in AIX or can point us to the right direction?




------------------------------
KONSTANTINOS STERGIOPOULOS
------------------------------

#AIXOpenSource

I believe it's a matter of different cost options and not so much a strictly technical decision.

------------------------------
KONSTANTINOS STERGIOPOULOS
------------------------------

Original Message:
Sent: Mon September 12, 2022 12:37 PM
From: Mackey Morgan
Subject: Moving from Splunk to ELK using Filebeat

Konstantinos, I would like to hear why you are switching from Splunk to ELK, in the first place. I am unfamiliar with the details of Splunk, but I know it has a history of "on again off again" at my current enterprise. So apparently there are significant issues with Splunk! I'd like to better understand what those issues are.

------------------------------
Mackey Morgan

Original Message:
Sent: Fri September 09, 2022 04:34 AM
From: KONSTANTINOS STERGIOPOULOS
Subject: Moving from Splunk to ELK using Filebeat

Hello,

We would like to switch from Splunk to ELK and it is not clear if the Filebeat version that is offered in the AIX toolbox is compatible with the latest Elastic Search version (8.4).  According to the Support Matrix Filebeat 7.5.2 is not supported by Elastic Search 8.4.

Has anyone had any experience with Filebeat in AIX or can point us to the right direction?




------------------------------
KONSTANTINOS STERGIOPOULOS
------------------------------

#AIXOpenSource