Data Not Being Fed Into Kibana

We are attempting to deploy the ELK stack for the first time, but data is not being received by Kibana. The file path for the alerts file is: /var/ossec/logs/alerts/alerts.json. A check of permissions indicates Logstash can read this file:

COMMAND     PID USER     FD  TYPE DEVICE  SIZE/OFF     NODE NAME
java       4480 logstash 15r REG  252,0  227337152 14811176 /var/ossec/logs/alerts/alerts.json
ossec-ana 25893 ossec     9w REG  252,0  227337152 14811176 /var/ossec/logs/alerts/alerts.json

It was recommended that we test the following command:

/usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/01-ossec-singlehost.conf --path-settings=/etc/logstash/

This resulted in an error:

-bash: /usr/share/logstash/bin/logstash: No such file or directory

Any suggestions on a next step would be greatly appreciated.

Thank you,

Marc Baker

Bash cannot find your logstash binary there. Where is it installed?
