- Auditbeat Reference: other versions:
- Overview
- Get started
- Set up and run
- Upgrade Auditbeat
- Configure
- Modules
- General settings
- Project paths
- Config file reloading
- Output
- SSL
- Index lifecycle management (ILM)
- Elasticsearch index template
- Kibana endpoint
- Kibana dashboards
- Processors
- Define processors
- add_cloud_metadata
- add_cloudfoundry_metadata
- add_docker_metadata
- add_fields
- add_host_metadata
- add_id
- add_kubernetes_metadata
- add_labels
- add_locale
- add_observer_metadata
- add_process_metadata
- add_tags
- community_id
- convert
- copy_fields
- decode_base64_field
- decode_json_fields
- decompress_gzip_field
- dissect
- dns
- drop_event
- drop_fields
- extract_array
- fingerprint
- include_fields
- registered_domain
- rename
- translate_sid
- truncate_fields
- Internal queue
- Logging
- HTTP endpoint
- Regular expression support
- auditbeat.reference.yml
- How to guides
- Modules
- Exported fields
- Monitor
- Secure
- Troubleshoot
- Get Help
- Debug
- Common problems
- Auditbeat fails to watch folders because too many files are open
- Auditbeat uses too much bandwidth
- Error loading config file
- Found unexpected or unknown characters
- Logstash connection doesn’t work
- @metadata is missing in Logstash
- Not sure whether to use Logstash or Beats
- SSL client fails to connect to Logstash
- Monitoring UI shows fewer Beats than expected
- Dashboard could not locate the index-pattern
- Contribute to Beats
Get started with Auditbeat
editGet started with Auditbeat
editTo get started with your own Auditbeat setup, install and configure these related products:
- Elasticsearch for storing and indexing the data.
- Kibana for the UI.
- Logstash (optional) for parsing and enhancing the data.
See Get started with the Elastic Stack for more information about installing these products.
You can skip having to install Elasticsearch and Kibana by using our hosted Elasticsearch Service on Elastic Cloud. The Elasticsearch Service is available on AWS, GCP, and Azure. Try out the Elasticsearch Service for free.
After installing the Elastic Stack, read the following topics to learn how to install, configure, and run Auditbeat. Upgrading to a new version of Auditbeat? Start by reading the Beats upgrade documentation.
ElasticON events are back!
Learn about the Elastic Search AI Platform from the experts at our live events.
Register now