Can't filter with winlogbeat.event_id on kibana

proxx · June 24, 2019, 10:55am

Can't filter with winlogbeat.event_id on kibana.

Have restarted my winlogbeat service on my windowss server 2012 and also my ELK server.

Any way out pls.

rashmi · June 24, 2019, 3:07pm

What is the error in the logs when you restart winlogbeat ? Would you mind sharing more information - like logs, version, steps to reproduce etc ?

Thanks
Rashmi

proxx · June 25, 2019, 4:05am

I'm using a ELK 7.1.1 and winglogbeat 7.1.1.

Logs.

proxx · July 11, 2019, 11:36am

So finally got the solution

I delete the indices for winlogbeat in elasticsearch

rashmi · July 16, 2019, 1:28pm

Glad it worked after deleting the indices..
Thanks for posting your solution...

system · August 13, 2019, 1:28pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.