What line indicates that filebeat is creating an index in Elasticsearch. We are trying to debug the fact that its not creating an Elasticsearch index, but the harvester fails saying the index is missing. Isn't it the job of Filebeat to create this index when it starts, if so which lines in the logs (obtained via kubectl logs <pod.id>) indicate that it is getting created in the first place.
Error log shows this for Filebeat 7.7.x, 7.6.x ..
Could not init registrar: registry file version 1 not supported
Environment: Filebeat DaemonSet running in Kubernetes cluster
Its using this script https://github.com/elastic/beats/blob/7.7/deploy/kubernetes/filebeat/filebeat-daemonset.yaml to run as a DaemonSet in a kubernetes environment. VERSION was set to 7.7.0 https://github.com/elastic/beats/blob/7.7/deploy/kubernetes/filebeat/filebeat-daemonset.yaml#L23 and the error log has the above failure information.
