Created new index which is supposed to receive and collect logs from our endpoint solution however on Kibana it appears to list all the other index logs but expected?

devashishsingh · June 10, 2021, 4:13am

Hello Friends,

I have created a new logstash conf file for a new TCP syslogs collector and defined to send them to a new index. However on kibana the index pattern seems to have all but endpoint logs? Have I missed ay step? Please let me know what data I can share with you to find the cause.

Thank you,
Devashish Singh

Christian_Dahlqvist · June 10, 2021, 5:18am

Logstash by default concatenates all config files in the config directory into a single pipeline, which means all input data will go to all outputs unless you use conditionals. Each file is not a separate pipeline unless you specify this using the pipelines.yml file. Please see this blog post for more details.

devashishsingh · June 14, 2021, 7:57am

Thanks @Christian_Dahlqvist .

I did define three different pipelines for three config files with different inputs configurations.

Logstash started giving errors hence I restored the original/default content of pipeline.yml

system · July 12, 2021, 7:58am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash/Elasticsearch/Kibana Fundamentals Elasticsearch	3	397	December 27, 2019
Logstash multiple pipelines going into same index Logstash	3	2336	May 13, 2018
Logstash and/or Kibana config wrong Logstash	4	202	June 12, 2023
Logstash is sending logs to all output index configured in all conf's in pipeline Logstash windows	2	358	June 30, 2020
Two indexes receiving same content regardless of logstash conf files Logstash	4	558	June 3, 2019

Created new index which is supposed to receive and collect logs from our endpoint solution however on Kibana it appears to list all the other index logs but expected?

Related topics