hello,
i want to monitor the network in elasticsearch cloud
so i have 2 questions:
1- how i can enter data and send it to the cluster to monitor it from kibana
2-which software i should install x-pack,elasticsearch and kibana or all?
anyone here
Read this and specifically the "Also be patient" part.
Also I don't really understand what you are asking. May be add more details about what you want to do?
i want to integrate it in the network using elasticsearch cloud to collect “, organize and search Log data and systems events for errors, security breaches..... etc.
i open the kibana dashboard from the cluster which i create and i don't know what i should do after that
this message apeared on the dashboard so i want to connect kibana with the data
organize and search Log data and systems events for errors, security breaches..... etc.
Did you start collecting data with beats?
If you didn't, may be start here: Log Monitoring with Elastic Observability | Elastic
i understand from this link that i should install elasticsearch, kibana and filebeat and i did that but i can't install all of them as i don't understand where i copy these links and how i install elasticsearch ,beats and kibana
hint: kibana dashboared open from the cluster which i create
It's unclear to me what you don't understand.
So you installed:
- elasticsearch
- kibana
- filebeat
Right?
Then you started:
- elasticsearch
- kibana
Right?
And you started filebeat?
Whatever you did, could you copy all the exact commands you ran so far so it' easier to understand what you did and where you are blocked.
Also share command output and elasticsearch logs.
Then please describe what are the logs you want to collect and how you configured filebeat for that.
now i don't install anything i don't understand how i can install elasticsearch, kibana and beats
i just create a cluster and open the kibana dashboard from it
where i paste these links to install them ?
i want to collect plain text logs and windows logs and i don't know how i configure filebeat
Start here then: https://www.elastic.co/guide/en/elasticsearch/reference/current/getting-started.html
yes i want to monitor the network from elastic cloud and add devices on it
Which network you want to monitor? Where are the machines you want to monitor?
What do you mean by monitoring the network?
Could you be please more specific?
About you initial questions:
1- how i can enter data and send it to the cluster to monitor it from kibana
Install the beat agent(s) you need (depending on your use case) and define the cloud id parameter you can get from the cloud.elastic.co interface.
Everything is explained in the beats documentation.
2-which software i should install x-pack,elasticsearch and kibana or all?
Elasticsearch, Kibana and x-pack are already installed on cloud.elastic.co.
ok i need to monitor my local network in my company like searching, see all logs windows logs and plain text logs and see the network traffic to know the network behavior to know when i take pack up of a device if i need to do that and to know if there is high traffic on specific device or not which refer to that there is a malware in the network
you mean that i shouldn't install elasticsearch, kibana and x-pack right?
are everything i need to do be clear to you now or not ?
thanks a lot for your effort 
and sorry for i can't illustrate my needs
like searching, see all logs windows logs
Install Winlogbeat: Winlogbeat Reference [8.11] | Elastic
plain text logs
Install filebeat: Filebeat Reference [8.11] | Elastic
you mean that i shouldn't install elasticsearch, kibana and x-pack right?
If you want to use cloud.elastic.co which is our elastic as a service offer, available online, you don't need to install elasticsearch, kibana and x-pack.
If you don't want to use it, then you have to install:
- elasticsearch
- kibana
On which you can add x-pack if you need advanced features like security, machine learning...
or
Elastic cloud entreprise (commercial): Elastic Cloud Enterprise Reference [3.6] | Elastic
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.