Configure an index pattern on CentOS 7

hack3rcon · June 18, 2017, 11:17am

Hello.
I installed "Elasticsearch", "Logstash" and "Kibana" on CentOS 7 x64. I want forwarding Windows OS log to my CentOS server and my configurations are:

$ cat /etc/syslog-ng/syslog-ng.conf

options {
        flush_lines (0);
        time_reopen (10);
        log_fifo_size (1000);
        long_hostnames (off);
        use_dns (no);
        use_fqdn (no);
        create_dirs (no);
        keep_hostname (yes);
        ts_format(iso);
		encoding(UTF-8);
};

source s_netsyslog {
        udp(ip(0.0.0.0) port(514) flags(no-hostname));
        tcp(ip(0.0.0.0) port(514) flags(no-hostname));
};

destination d_netsyslog { file("/var/log/network.log" owner("root") group("root") perm(0644)); };

log { source(s_netsyslog); destination(d_netsyslog); };

$ cat /etc/logstash/conf.d/logstash.conf

input {
  generator {
  }
}

filter {
}

output {
  elasticsearch {
    protocol => "node"
    host => "host.domain.com"   
    cluster => "elasticsearch"
  }
}

When I open "Kibana" then it show me a page "
What is it? Can it because of my configuration?
If I change "Logstash" configuration to:

input {
  file {
    path => ["/var/log/network.log"]
    sincedb_path => "/var/log/logstash"
    start_position => "beginning"
    type => "syslog"
    tags => [ "netsyslog" ]
  }
}

Thank you.

warkolm · June 18, 2017, 11:27am

You've got a number of threads with various different questions open at the moment and it's making it really hard to understand what you are doing and what your problems are.

We're happy to help but it would be much easier if you just picked a single thread

hack3rcon · June 18, 2017, 12:51pm

I like to forward windows logs to my Linux logs.

system · July 16, 2017, 12:51pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.