Hi, we are facing some problems creating index patterns in the 7.10.0 version.
When trying to create the index pattern of a remote cluster we got the error No matching indices found. However, the indexes do exist (the indexes are shown in the first step of the index pattern creation).
In step two, we can see there is something wrong before clicking on Create index pattern since the Time field menu does not appear, even when there are indices with timestamps.
If we go to Discover, the documents are displayed, but since there are no fields in the index pattern, it does not allow filtering using the document's fields.
If we create the index pattern using the API and adding some initial fields, they do appear on Discover and we can filter by them, but the index pattern can not be refreshed (we got the same error No matching indices found) so new fields can not be added to the index pattern.
Is there any reason why you are trying to make all the log sources in one index !!?
I think it's for that, that you are getting errors
If you want to create an index, create one for each beat,
Example: one for filebeat-* and another one for packetbeat- ....etc
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
