Hello.
I installed "Elasticsearch", "Logstash" and "Kibana" on CentOS 7 x64. I want to forward Windows OS logs to my CentOS server, and my configuration is:
$ cat /etc/syslog-ng/syslog-ng.conf
# syslog-ng configuration as posted: accept syslog over UDP and TCP on port 514
# and append every received message to /var/log/network.log.
options {
# Send each message to its destination as soon as it arrives (no batching).
flush_lines (0);
# Seconds to wait before re-opening a broken connection.
time_reopen (10);
# Number of messages the output queue can hold.
log_fifo_size (1000);
# Older name for chain_hostnames(); off = do not record the chain of relays.
long_hostnames (off);
# No DNS lookups for sender addresses, so logging does not depend on (or
# trust) the resolver.
use_dns (no);
use_fqdn (no);
# Do not create missing directories for destination files.
create_dirs (no);
# Keep the hostname carried in the message instead of rewriting it.
# NOTE(review): that value is chosen by the sender; do not treat it as an
# authenticated identity when searching or alerting on these logs.
keep_hostname (yes);
# ISO 8601 timestamps in the written log lines.
ts_format(iso);
# NOTE(review): encoding() is normally documented as a per-source option;
# confirm this syslog-ng version accepts it in the global options block.
encoding(UTF-8);
};
# Network listeners. ip(0.0.0.0) binds to every interface, and plain syslog
# on 514 is neither authenticated nor encrypted, so any host that can reach
# the port can write lines into the log (UDP source addresses are also
# unverifiable).
# NOTE(review): bind to the interface facing the Windows hosts and/or restrict
# port 514 with the host firewall to the known senders; consider a TLS
# transport if the logs cross an untrusted network.
# flags(no-hostname): the message header is parsed as having no hostname field.
source s_netsyslog {
udp(ip(0.0.0.0) port(514) flags(no-hostname));
tcp(ip(0.0.0.0) port(514) flags(no-hostname));
};
# perm(0644) makes the collected log readable by every local user. Windows
# event data can include account names, host names and command lines.
# NOTE(review): prefer perm(0640) with a dedicated group; if Logstash runs as
# an unprivileged user it must be a member of that group to read the file.
destination d_netsyslog { file("/var/log/network.log" owner("root") group("root") perm(0644)); };
# Route everything from the network source to the file destination, unfiltered.
log { source(s_netsyslog); destination(d_netsyslog); };
$ cat /etc/logstash/conf.d/logstash.conf
# Logstash pipeline as posted: synthetic input, no filters, Elasticsearch output.
input {
# The generator input emits synthetic test events; it does not read any log
# file, so nothing syslog-ng writes to /var/log/network.log enters this
# pipeline.
# NOTE(review): this is probably why Kibana shows unexpected data; confirm by
# looking at the content of the indexed events.
generator {
}
}
# No parsing or enrichment is applied to events.
filter {
}
output {
elasticsearch {
# "node" protocol: Logstash joins the Elasticsearch cluster as a client node
# instead of using HTTP.
# NOTE(review): presumably this channel is unauthenticated on a stock install;
# keep the Elasticsearch ports reachable only from trusted hosts.
protocol => "node"
host => "host.domain.com"
# "elasticsearch" is the default cluster name.
# NOTE(review): with the default name and default discovery settings,
# unrelated nodes on the same network may be able to join; consider a unique
# cluster name. Verify against your Elasticsearch version.
cluster => "elasticsearch"
}
}
When I open "Kibana", it shows me a page [page content not preserved].
What is it? Could it be because of my configuration?
If I change "Logstash" configuration to:
# Alternative input: tail the file that syslog-ng writes instead of generating
# test events.
input {
file {
# The Logstash process needs read permission on this file.
path => ["/var/log/network.log"]
# sincedb_path is where the file input records how far it has read.
# NOTE(review): it is expected to be a file; /var/log/logstash is commonly the
# Logstash log directory on package installs. Confirm it is not a directory
# and that the Logstash user can write to it.
sincedb_path => "/var/log/logstash"
# Read from the start of the file when there is no recorded position for it.
start_position => "beginning"
# Label events so filters and searches can select them.
type => "syslog"
tags => [ "netsyslog" ]
}
}
Thank you.