Which log message indicates that the index is sent from filebeat to elasticsearch?

12/26/2019

I'm trying to set up filebeat, elasticsearch and kibana on microk8s (single node Kubernetes implementation) using the helm charts from https://github.com/elastic/helm-charts.

My aim is to make the filebeat index show up in kibana. The metricbeat index is already showing up. I had it working for a few seconds, then it disappeared, and I have now been working for 30 hours over the last days to make it appear again. Due to the sheer number of things I've done, I cannot list them. None of them seemed to make more sense than the others.

After enabling all log messages in filebeat.yml with

logging.level: debug
logging.selectors: '*'
logging.metrics.enabled: false

I still have no clue whether output is sent to elasticsearch or not. Or whether elasticsearch receives it. Or receives it and refuses it. Therefore I need a hint as to which message would indicate that the data for the index is sent to elasticsearch, so that I can invest the next 30 hours in debugging either filebeat or elasticsearch.

I'm aware that the official docs don't use helm charts, but it's slightly sadomasochist to not do that in the k8s world. The docs only say apply yaml file xy, which is not documentation on elastic, but the shortest possible example for kubectl apply anyway.

-- Karl Richter
elastic-stack
elasticsearch
filebeat
kubernetes

0 Answers