I just installed Elastic Stack 7.2 using Azure ARM template and configured fiebeats to export data to it. Everything looks works pretty straightforward. I can see the logs from kibana's logs plugin and also see the metrics for beats and everything looks works well.
But, I can not create index patterns using filebeat-*, even the logs plugin are able to use the same pattern to show logs. I tried to both creating an index pattern manually and have filebeats to create it by importing some built-in filebeats dashboard, unfortunately, both failed.
The error message is
Failed to fetch
Error: Failed to fetch
at http://xxx.xxx.xxx.xxx:5601/bundles/commons.bundle.js:3:1605400
Also here is one snapshot to show all filebeat indices are healthy.
In the above environment, I tried sample data and those data works, and I am able to get the kibana index patterns, dashboards, etc. What could be the issue that only filebeat-* indices can not create kibana index patterns?
This is a rather interesting problem. So the sample data works correctly, and the Logs UI is able to stream these filebeat-* logs, but you're unable to create filebeat-* index patterns.
Are you able to manually create any other index patterns? For example, can you create a pattern of kibana*?
Yes, I can manually create index patterns for other indices.
e.g. Here are the snapshot I created index patterns for the sample data and the one index pattern for the system indicies even.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
