diff --git a/CHANGELOG.asciidoc b/CHANGELOG.asciidoc index 459ab8ac42f..28a8577054d 100644 --- a/CHANGELOG.asciidoc +++ b/CHANGELOG.asciidoc @@ -77,6 +77,7 @@ https://github.com/elastic/beats/compare/v6.4.0...master[Check the HEAD diff] - Fix RFC3339 timezone and nanoseconds parsing with the syslog input. {pull}8346[8346] - Support multiline logs in logstash/log fileset of Filebeat. {pull}8562[8562] - Fix improperly set config for CRI Flag in Docker Input {pull}8899[8899] +- Just enabling the `elasticsearch` fileset and starting Filebeat no longer causes an error. {pull}8891[8891] *Heartbeat* diff --git a/filebeat/module/elasticsearch/server/manifest.yml b/filebeat/module/elasticsearch/server/manifest.yml index 23c6cec8b1b..2b6d8984346 100644 --- a/filebeat/module/elasticsearch/server/manifest.yml +++ b/filebeat/module/elasticsearch/server/manifest.yml @@ -4,8 +4,10 @@ var: - name: paths default: - /var/log/elasticsearch/*.log - os.darwin: [] - os.windows: [] + os.darwin: + - /usr/local/elasticsearch/*.log + os.windows: + - c:/ProgramData/Elastic/Elasticsearch/logs/*.log ingest_pipeline: ingest/pipeline.json prospector: config/log.yml