Configure an index pattern on CentOS 7

Hello.
I installed "Elasticsearch", "Logstash" and "Kibana" on CentOS 7 x64. I want to forward Windows OS logs to my CentOS server, and my configurations are:

$ cat /etc/syslog-ng/syslog-ng.conf

options {
        flush_lines (0);
        time_reopen (10);
        log_fifo_size (1000);
        long_hostnames (off);
        use_dns (no);
        use_fqdn (no);
        create_dirs (no);
        keep_hostname (yes);
        ts_format(iso);
        encoding(UTF-8);
};

source s_netsyslog {
        udp(ip(0.0.0.0) port(514) flags(no-hostname));
        tcp(ip(0.0.0.0) port(514) flags(no-hostname));
};

destination d_netsyslog { file("/var/log/network.log" owner("root") group("root") perm(0644)); };

log { source(s_netsyslog); destination(d_netsyslog); };

$ cat /etc/logstash/conf.d/logstash.conf

input {
  generator {
  }
}

filter {
}

output {
  elasticsearch {
    protocol => "node"
    host => "host.domain.com"   
    cluster => "elasticsearch"
  }
}

When I open "Kibana", it shows me a page "
What is it? Can it be because of my configuration?
If I change "Logstash" configuration to:

input {
  file {
    path => ["/var/log/network.log"]
    sincedb_path => "/var/log/logstash"
    start_position => "beginning"
    type => "syslog"
    tags => [ "netsyslog" ]
  }
}

Thank you.

You've got a number of threads with various different questions open at the moment and it's making it really hard to understand what you are doing and what your problems are.

We're happy to help but it would be much easier if you just picked a single thread :slight_smile:

I would like to forward Windows logs to my Linux logs.
