Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Log file is not getting created #60

Open
sriramb12 opened this issue Aug 26, 2022 · 0 comments
Open

Log file is not getting created #60

sriramb12 opened this issue Aug 26, 2022 · 0 comments

Comments

@sriramb12
Copy link

sriramb12 commented Aug 26, 2022
edited
Loading

There are 2 issues

  1. /var/log/o365beat is not created
    even if manually created, there are no log files being created
  • the Azure AD data is not getting collected. it does not create the file. The same worked earlier

[root@ models]# systemctl status o365beat -l
● o365beat.service - Shipper for Office 365 logs from Management Activities API.
Loaded: loaded (/usr/lib/systemd/system/o365beat.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2022-08-26 12:19:11 AWST; 412ms ago
Docs: https://www.elastic.co/products/beats/o365beat
Main PID: 2687 (o365beat)
Memory: 5.6M
CGroup: /system.slice/o365beat.service
└─2687 /usr/share/o365beat/bin/o365beat -e -c /etc/o365beat/o365beat.yml -path.home /usr/share/o365beat -path.config /etc/o365beat -path.data /var/lib/o365beat -path.logs /var/log/o365beat

Aug 26 12:19:11 crystaleye.lan o365beat[2687]: 2022-08-26T12:19:11.075+0800 INFO instance/beat.go:297 Setup Beat: o365beat; Version: 1.5.1
Aug 26 12:19:11 crystaleye.lan o365beat[2687]: 2022-08-26T12:19:11.075+0800 INFO fileout/file.go:98 Initialized file output. path=/home/o365beat/o365.log max_size_bytes=10485760 max_backups=7 permissions=-rw-------
Aug 26 12:19:11 crystaleye.lan o365beat[2687]: 2022-08-26T12:19:11.075+0800 INFO [publisher] pipeline/module.go:97 Beat name: crystaleye.lan
Aug 26 12:19:11 crystaleye.lan o365beat[2687]: 2022-08-26T12:19:11.076+0800 INFO [monitoring] log/log.go:118 Starting metrics logging every 30s
Aug 26 12:19:11 crystaleye.lan o365beat[2687]: 2022-08-26T12:19:11.076+0800 INFO instance/beat.go:429 o365beat start running.
Aug 26 12:19:11 crystaleye.lan o365beat[2687]: 2022-08-26T12:19:11.076+0800 INFO beater/o365beat.go:459 o365beat is running! Hit CTRL-C to stop it.
Aug 26 12:19:11 crystaleye.lan o365beat[2687]: 2022-08-26T12:19:11.076+0800 INFO beater/o365beat.go:203 enabling subscriptions for configured content types: [Audit.AzureActiveDirectory Audit.Exchange Audit.SharePoint Audit.General]
Aug 26 12:19:11 crystaleye.lan o365beat[2687]: 2022-08-26T12:19:11.076+0800 INFO beater/o365beat.go:164 getting content subscriptions
Aug 26 12:19:11 crystaleye.lan o365beat[2687]: 2022-08-26T12:19:11.076+0800 INFO beater/o365beat.go:106 auth nil or expired, re-authenticating
Aug 26 12:19:11 crystaleye.lan o365beat[2687]: 2022-08-26T12:19:11.076+0800 INFO beater/o365beat.go:133 authenticating via https://login.microsoftonline.com/tkqlm.onmicrosoft.com/oauth2/token?api-version=1.0
[root@crystaleye models]# ls -l /home/o365beat/
total 0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sriramb12