Elastic old beat agents description - unix1998/technical_notes GitHub Wiki

Elastic Beats: A Brief Overview

Elastic Beats is a family of lightweight data shippers that forward various types of data to Elasticsearch. Each Beat is designed to collect specific data and ship it to Elasticsearch for indexing and analysis.

Commonly Used Beats:

While the exact number might fluctuate over time as Elastic introduces new Beats or deprecates existing ones, here are some of the most commonly used Beats:

  • Metricbeat: Collects system and application metrics.
  • Filebeat: Ships logs from various sources (files, syslog, etc.).
  • Packetbeat: Captures network traffic information.
  • Winlogbeat: Collects Windows event logs.
  • Auditbeat: Gathers audit and security-related data.
  • Heartbeat: Monitors the health of Elastic Stack components.

Additional Beats:

Elastic also provides Beats and related components for specific use cases, such as:

  • Logstash: While not a Beat itself, Logstash can be used as a data processing pipeline between Beats and Elasticsearch.
  • Winlogbeat: Primarily for Windows environments.
  • Functionbeat: For serverless and cloud functions.

Note: The Elastic Agent is a more recent development that aims to replace the individual Beats for simplified management and data collection.
