elasticsearch - Filebeat doesn't forward data to logstash
I have a setup using Elasticsearch, Kibana and Logstash on one VM, and Filebeat on a slave machine. I managed to send syslog messages and logs from the auth.log file following the tutorial from here. In the Filebeat log I saw the messages published, but when I try to send a JSON file I don't see any publish event (I see "Flushing spooler because of timeout. Events flushed: 0"). filebeat.yml file:
filebeat:
  prospectors:
    -
      paths:
        # - /var/log/auth.log
        # - /var/log/syslog
        # - /var/log/*.log
        - /home/slave/data_2/*
      input_type: log
      document_type: log
  registry_file: /var/lib/filebeat/registry
output:
  logstash:
    hosts: ["192.168.132.207:5044"]
    tls:
      certificate_authorities: ["/etc/pki/tls/certs/logstash-forwarder.crt"]
shipper:
logging:
  level: debug
  to_files: true
  to_syslog: false
  files:
    path: /var/log/mybeat
    name: mybeat.log
    keepfiles: 7
    rotateeverybytes: 10485760 # = 10MB
Please note that tabs are not allowed in filebeat.yml! I used Notepad++ with View > Show > Whitespace and Tab. Sure enough, there was a tab character in a blank line, and Filebeat wouldn't start. Use filebeat -c filebeat.yml -configtest and it will give you more information.
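The tab check described in the answer above can also be done from the shell before Filebeat is started. This is an added example, not code from the original post or from the Filebeat project; the names find_tabs, make_sample and find_tabs.sh are hypothetical and the sample file is constructed.

```shell
#!/bin/sh
# find_tabs FILE
# Prints one "line:column:kind" record per tab character found in FILE and
# returns 1 if any were found, 0 if the file is tab-free.
# kind is "blank" (whitespace-only line), "indent" (tab in the leading
# whitespace) or "inline" (tab after the first non-blank character).
find_tabs() {
    awk '
    {
        line = $0
        # Position of the first character that is neither space nor tab
        # (0 when the line holds only whitespace).
        first = match(line, /[^ \t]/)
        for (col = 1; col <= length(line); col++) {
            if (substr(line, col, 1) != "\t") continue
            if (first == 0)       kind = "blank"
            else if (col < first) kind = "indent"
            else                  kind = "inline"
            printf "%d:%d:%s\n", NR, col, kind
            found = 1
        }
    }
    END { exit (found ? 1 : 0) }
    ' "$1"
}

# Constructed sample: a fragment of the configuration above with a tab on the
# otherwise blank line 3 and a tab used as indentation on line 5.
make_sample() {
    printf 'output:\n  logstash:\n\t\n    hosts: ["192.168.132.207:5044"]\n\ttls:\n' > "$1"
}

# When run as a script (hypothetical name): sh find_tabs.sh filebeat.yml
if [ "$#" -gt 0 ]; then
    find_tabs "$1" && echo "no tabs found in $1"
fi
```

A non-zero return can gate a deployment step so that a configuration containing tabs never reaches the host; filebeat -c filebeat.yml -configtest remains the authoritative check.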