Here is a part of filebeat logs
Nov 23 10:37:14 asd filebeat[1448]: 2021-11-23T10:37:14.757+0500 INFO [monitoring] log/log.go:145 Non-zero metrics in the last 30s {"monitoring": {"metrics": {"beat":{"cgroup":{"cpuacct":{"total":{"ns":32979998}}},"cpu":{"system":{"ticks":43270},"total":{"ticks":136480,"time":{"ms":31},"value":136480},"user":{"ticks":93210,"time":{"ms":31}}},"handles":{"limit":{"hard":524288,"soft":1024},"open":13},"info":{"ephemeral_id":"2141e610-9e32-4f98-852f-c76217b2dde7","uptime":{"ms":253140066},"version":"7.14.0"},"memstats":{"gc_next":20063312,"memory_alloc":19187328,"memory_total":9313768216,"rss":111796224},"runtime":{"goroutines":39}},"filebeat":{"events":{"active":-1,"added":7,"done":8},"harvester":{"open_files":1,"running":1}},"libbeat":{"config":{"module":{"running":1}},"output":{"events":{"acked":8,"active":0,"batches":7,"total":8},"read":{"bytes":4892},"write":{"bytes":8384}},"pipeline":{"clients":3,"events":{"active":0,"published":7,"total":7},"queue":{"acked":8}}},"registrar":{"states":{"current":16}},"system":{"load":{"1":0,"15":0,"5":0,"norm":{"1":0,"15":0,"5":0}}}}}}
Nov 23 10:37:15 asd filebeat[1448]: 2021-11-23T10:37:15.203+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:36:42: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.117 to 17.253.39.207 on interface inside\n"}
Nov 23 10:37:22 asd filebeat[1448]: 2021-11-23T10:37:22.753+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:36:49: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.117 to 17.253.39.207 on interface inside\n"}
Nov 23 10:37:30 asd filebeat[1448]: 2021-11-23T10:37:30.367+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:36:57: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.117 to 17.253.39.207 on interface inside\n"}
Nov 23 10:37:34 asd filebeat[1448]: 2021-11-23T10:37:34.024+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:00: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.117 to 17.253.123.201 on interface inside\n"}
Nov 23 10:37:35 asd filebeat[1448]: 2021-11-23T10:37:35.015+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:01: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.117 to 17.242.150.14 on interface inside\n"}
Nov 23 10:37:37 asd filebeat[1448]: 2021-11-23T10:37:37.949+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:04: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.117 to 17.253.39.207 on interface inside\n"}
Nov 23 10:37:44 asd filebeat[1448]: 2021-11-23T10:37:44.751+0500 INFO [monitoring] log/log.go:145 Non-zero metrics in the last 30s {"monitoring": {"metrics": {"beat":{"cgroup":{"cpuacct":{"total":{"ns":26536765}},"memory":{"mem":{"usage":{"bytes":16384}}}},"cpu":{"system":{"ticks":43270,"time":{"ms":4}},"total":{"ticks":136500,"time":{"ms":29},"value":136500},"user":{"ticks":93230,"time":{"ms":25}}},"handles":{"limit":{"hard":524288,"soft":1024},"open":13},"info":{"ephemeral_id":"2141e610-9e32-4f98-852f-c76217b2dde7","uptime":{"ms":253170066},"version":"7.14.0"},"memstats":{"gc_next":20539424,"memory_alloc":12058744,"memory_total":9316155432,"rss":111796224},"runtime":{"goroutines":39}},"filebeat":{"events":{"added":6,"done":6},"harvester":{"open_files":1,"running":1}},"libbeat":{"config":{"module":{"running":1}},"output":{"events":{"acked":6,"active":0,"batches":5,"total":6},"read":{"bytes":3497},"write":{"bytes":6250}},"pipeline":{"clients":3,"events":{"active":0,"published":6,"total":6},"queue":{"acked":6}}},"registrar":{"states":{"current":16}},"system":{"load":{"1":0,"15":0,"5":0,"norm":{"1":0,"15":0,"5":0}}}}}}
Nov 23 10:38:07 asd filebeat[1448]: 2021-11-23T10:38:07.692+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:34: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 142.251.1.95 on interface inside\n"}
Nov 23 10:38:07 asd filebeat[1448]: 2021-11-23T10:38:07.984+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:34: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 173.194.221.94 on interface inside\n"}
Nov 23 10:38:08 asd filebeat[1448]: 2021-11-23T10:38:08.519+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:35: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 173.194.221.94 on interface inside\n"}
Nov 23 10:38:09 asd filebeat[1448]: 2021-11-23T10:38:09.017+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:35: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 173.194.221.94 on interface inside\n"}
Nov 23 10:38:10 asd filebeat[1448]: 2021-11-23T10:38:10.013+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:36: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 173.194.221.94 on interface inside\n"}
Nov 23 10:38:11 asd filebeat[1448]: 2021-11-23T10:38:11.994+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:38: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 173.194.221.94 on interface inside\n"}
Nov 23 10:38:12 asd filebeat[1448]: 2021-11-23T10:38:12.243+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:39: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 128.1.78.67 on interface inside\n"}
Nov 23 10:38:12 asd filebeat[1448]: 2021-11-23T10:38:12.922+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<162>Nov 23 2021 10:37:39: %ASA-2-106001: Inbound TCP connection denied from 169.136.114.97/443 to 192.168.8.251/47690 flags RST on interface outside\n"}
Nov 23 10:38:12 asd filebeat[1448]: 2021-11-23T10:38:12.973+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:39: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 128.1.78.67 on interface inside\n"}
Nov 23 10:38:13 asd filebeat[1448]: 2021-11-23T10:38:13.786+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:40: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 128.1.78.67 on interface inside\n"}
Nov 23 10:38:14 asd filebeat[1448]: 2021-11-23T10:38:14.751+0500 INFO [monitoring] log/log.go:145 Non-zero metrics in the last 30s {"monitoring": {"metrics": {"beat":{"cgroup":{"cpuacct":{"total":{"ns":21845152}}},"cpu":{"system":{"ticks":43280,"time":{"ms":9}},"total":{"ticks":136530,"time":{"ms":26},"value":136530},"user":{"ticks":93250,"time":{"ms":17}}},"handles":{"limit":{"hard":524288,"soft":1024},"open":13},"info":{"ephemeral_id":"2141e610-9e32-4f98-852f-c76217b2dde7","uptime":{"ms":253200068},"version":"7.14.0"},"memstats":{"gc_next":20539424,"memory_alloc":14315040,"memory_total":9318411728,"rss":111796224},"runtime":{"goroutines":39}},"filebeat":{"events":{"active":1,"added":10,"done":9},"harvester":{"open_files":1,"running":1}},"libbeat":{"config":{"module":{"running":1}},"output":{"events":{"acked":9,"active":0,"batches":3,"total":9},"read":{"bytes":2162},"write":{"bytes":8541}},"pipeline":{"clients":3,"events":{"active":1,"published":10,"total":10},"queue":{"acked":9}}},"registrar":{"states":{"current":16}},"system":{"load":{"1":0,"15":0,"5":0,"norm":{"1":0,"15":0,"5":0}}}}}}
Nov 23 10:38:15 asd filebeat[1448]: 2021-11-23T10:38:15.405+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:42: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 128.1.78.67 on interface inside\n"}
Nov 23 10:38:16 asd filebeat[1448]: 2021-11-23T10:38:16.122+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:43: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 173.194.221.94 on interface inside\n"}
Nov 23 10:38:18 asd filebeat[1448]: 2021-11-23T10:38:18.692+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:45: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 128.1.78.67 on interface inside\n"}
Nov 23 10:38:24 asd filebeat[1448]: 2021-11-23T10:38:24.066+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:51: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 173.194.221.94 on interface inside\n"}
Nov 23 10:38:25 asd filebeat[1448]: 2021-11-23T10:38:25.093+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:52: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 128.1.78.67 on interface inside\n"}
Nov 23 10:38:28 asd filebeat[1448]: 2021-11-23T10:38:28.301+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:37:55: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.106 to 91.202.232.118 on interface inside\n"}
Nov 23 10:38:37 asd filebeat[1448]: 2021-11-23T10:38:37.892+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:38:04: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 128.1.78.67 on interface inside\n"}
Nov 23 10:38:38 asd filebeat[1448]: 2021-11-23T10:38:38.028+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:38:05: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.117 to 17.253.123.201 on interface inside\n"}
Nov 23 10:38:39 asd filebeat[1448]: 2021-11-23T10:38:39.949+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:38:06: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.126 to 173.194.221.94 on interface inside\n"}
Nov 23 10:38:42 asd filebeat[1448]: 2021-11-23T10:38:42.268+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<161>Nov 23 2021 10:38:09: %ASA-1-106021: Deny TCP reverse path check from 10.4.240.117 to 45.82.107.56 on interface inside\n"}
Nov 23 10:38:44 asd filebeat[1448]: 2021-11-23T10:38:44.753+0500 INFO [monitoring] log/log.go:145 Non-zero metrics in the last 30s {"monitoring": {"metrics": {"beat":{"cgroup":{"cpuacct":{"total":{"ns":37435077}}},"cpu":{"system":{"ticks":43290,"time":{"ms":17}},"total":{"ticks":136560,"time":{"ms":32},"value":136560},"user":{"ticks":93270,"time":{"ms":15}}},"handles":{"limit":{"hard":524288,"soft":1024},"open":13},"info":{"ephemeral_id":"2141e610-9e32-4f98-852f-c76217b2dde7","uptime":{"ms":253230073},"version":"7.14.0"},"memstats":{"gc_next":20539424,"memory_alloc":17554888,"memory_total":9321651576,"rss":111796224},"runtime":{"goroutines":39}},"filebeat":{"events":{"active":-1,"added":10,"done":11},"harvester":{"open_files":1,"running":1}},"libbeat":{"config":{"module":{"running":1}},"output":{"events":{"acked":11,"active":0,"batches":9,"total":11},"read":{"bytes":6292},"write":{"bytes":11410}},"pipeline":{"clients":3,"events":{"active":0,"published":10,"total":10},"queue":{"acked":11}}},"registrar":{"states":{"current":16}},"system":{"load":{"1":0,"15":0,"5":0,"norm":{"1":0,"15":0,"5":0}}}}}}
Nov 23 10:38:48 asd filebeat[1448]: 2021-11-23T10:38:48.768+0500 ERROR [syslog] syslog/input.go:285 can't parse event as syslog rfc3164 {"message": "<162>Nov 23 2021 10:38:15: %ASA-2-106001: Inbound TCP connection denied from 95.100.153.88/443 to 192.168.8.10/53130 flags RST on interface outside\n"}