Prerequisites
-
The Open Collector is installed. If you have not already installed it, follow the instructions in the Open Collector Installation and User Guide, and then return to this topic.
-
You have the required keys: GCP Credential file contents, GCP Project ID, and the GCP BigQuery Dataset name.
-
The following port is open:
Direction
Port
Protocol
Source
Outbound
443
HTTPS
gmtbeat
Initialize the Beat
-
Confirm the Open Collector is running:
./lrctl statusYou should see the open_collector and metrics as shown in the following graphic:
If the Open Collector is not running correctly, see the
Troubleshoot the Open Collectortopic in the Open Collector Installation and User Guide.
-
Start the beat:
./lrctl gmtbeat start
-
Enter the following details:
Starting with GMT Beat version 0.1.2, the contents of this user credential file are saved in encrypted format.
-
GCP credential file contents:
-
GCP Project ID:
-
GCP BigQuery Dataset name:
To change the dataset name in the beat after changing the configuration, use the following to delete the previous position file and re-enable log collection:
Bashrm /var/lib/docker/volumes/gmtbeat_logs/_data/pos.json
The configuration has been saved and the service has been started successfully.
-
-
Check the status of the service:
./lrctl gmtbeat status
Default Config Values for GMTBeat:
|
S. No. |
Field Name |
Default Value |
|---|---|---|
|
1. |
project |
User Provided |
|
2. |
HeartbeatInterval |
5m0s |
|
3. |
HeartbeatDisabled |
false |
|
4. |
CredentialsFile |
/beats/gmtbeat/config/gmt_credentials.json |
|
5. |
Datadet |
User Provided |
|
6. |
NumberOfBackDays |
7 |
|
7. |
Period |
10s |