Data not showing in Kibana

Ranjeet_Ranjan · May 29, 2017, 6:55pm

Hi,

I have configured successfully but I am not able to see any data in Kibana. Getting massage No results found

Infra info

Elasticsearch
Kibana
Logstash
Filebeat
Centos 7

curl -XGET http://username:password@localhost:9200
{
"name" : "jB6-Mhs",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "vwhgh9ixQTu-4tjhkhk61dA",
"version" : {
"number" : "5.4.0",
"build_hash" : "780f4",
"build_date" : "2017-04-28T17:43:27.229Z",
"build_snapshot" : false,
"lucene_version" : "6.5.0"
},
"tagline" : "You Know, for Search"

cat /etc/logstash/conf.d/logstash.conf

input {
tcp {
port => 5000
type => syslog
}
udp {
port => 5000
type => syslog
}
}

filter {
if [type] == "syslog" {
grok {
match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:[%{POSINT:syslog_pid}])?: %{GREEDYDATA:syslog_message}" }
add_field => [ "received_at", "%{@timestamp}" ]
add_field => [ "received_from", "%{host}" ]
}
date {
match => [ "syslog_timestamp", "MMM d HH:mm:ss", "MMM dd HH:mm:ss" ]
}
}
}

output {
elasticsearch {
hosts => ["localhost:9200"]
user => username
password => password

uncomment this for debug messages

stdout { codec => rubydebug

}
}

input {
beats {
port => 5044
ssl => true
ssl_certificate => ["/usr/share/logstash/filebeat-forwarder.crt"]
ssl_key => ["/usr/share/logstash/filebeat-forwarder.key"]
ssl_verify_mode => none
}
}

Please help to het it solved.

tylersmalley · May 30, 2017, 3:48am

Can I get the response from http://localhost:9200/_cat/indices?

Ranjeet_Ranjan · May 30, 2017, 4:23am

When I curl -XGET http://localhost:9200/_cat/indices I get below error

{"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication token for REST request [/_cat/indices]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}}],"type":"security_exception","reason":"missing authentication token for REST request [/_cat/indices]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}},"status":401}

When curl -XGET http://username:password@localhost:9200/_cat/indices get below information.

yellow open .watcher-history-3-2017.05.28   sPw1r91kSFysSyHlMGaiSw 1 1    4605    0   3.5mb   3.5mb
yellow open .monitoring-es-2-2017.05.28     NxqtrrKST6S-rnL13Y2ztw 1 1  144556 1548  89.8mb  89.8mb
yellow open logstash-2017.05.22             59J0TuiAQteo4det99FcHg 5 1   19121    0   5.5mb   5.5mb
yellow open logstash-2017.05.23             MQUKGPdCT4GrvPt3cX6MKA 5 1   19142    0   5.5mb   5.5mb
yellow open .watcher-history-3-2017.05.27   jiN9ztq3S7Gr2z03cU1JsQ 1 1     575    0 490.9kb 490.9kb
yellow open logstash-2017.05.21             GobW8sjoTOaMtJEqg_NAPA 5 1   18970    0   5.5mb   5.5mb
green  open .security                       qurQ52pxTC2AtGVpbGEu7Q 1 0       2    0   7.1kb   7.1kb
yellow open .monitoring-alerts-2            qrSljKx2TEKvtnYy5Nvwug 1 1       1    0    13kb    13kb
yellow open logstash-2017.05.26             FHUeW_udRsKfZYTQefPYDA 5 1   20701    0   6.4mb   6.4mb
yellow open logstash-2017.02.05             8Ccva4pBRpOIBRvUsQ1L4A 5 1     183    0 453.9kb 453.9kb
yellow open .kibana                         iVgmMfwORBaXbuGIAne-PQ 5 1       4    0  24.1kb  24.1kb
yellow open logstash-2017.05.20             v4hMBErQR8K-iE1I5r6YuQ 5 1    1507    0   1.2mb   1.2mb
yellow open .monitoring-es-2-2017.05.27     pM0Y_kUKRam0SrlMFqIKyQ 1 1   16540    0   9.6mb   9.6mb
yellow open .monitoring-kibana-2-2017.05.29 -Vd_VPO1TR-XNmVaz-FM_A 1 1    8635    0   1.8mb   1.8mb
yellow open .monitoring-kibana-2-2017.05.30 3aI0feKNRjmcPUDOvYDahw 1 1    1550    0 348.5kb 348.5kb
yellow open .monitoring-data-2              0LJt88KUTvSTF1g0EJoDTw 1 1       3    0  11.8kb  11.8kb
yellow open logstash-2017.05.27             mwTEb84oTSG-x5MTPf65jQ 5 1 7448763    0   1.1gb   1.1gb
yellow open .watcher-history-3-2017.05.29   uPjIUP6wTEaO01nelaD6yw 1 1    7200    0   5.8mb   5.8mb
yellow open .watcher-history-3-2017.05.30   9hcaCmfVQ4CaZc2E_qol7A 1 1    1290    0   1.1mb   1.1mb
yellow open .monitoring-es-2-2017.05.29     LC3M2-yKSMutUoVRrlfgqQ 1 1  259866 1215 163.9mb 163.9mb
yellow open .triggered_watches              5NVY96jqRb2qW6WUP_CWtg 1 1       0    0 534.2kb 534.2kb
yellow open logstash-2017.05.19             T8XVFmV6TEKg91GQW5pm5Q 5 1       8    0  79.8kb  79.8kb
yellow open logstash-2017.05.24             g1m_ff3xRCWWh-u3pIvwoQ 5 1   19032    0   5.9mb   5.9mb
yellow open .monitoring-kibana-2-2017.05.28 I4lqJ71ESMarS3nl7fYstA 1 1    2229    0 592.4kb 592.4kb
yellow open .watches                        ZxhQYRb4TlqXj827IHZD8w 1 1       4    0  23.3kb  23.3kb
yellow open .monitoring-es-2-2017.05.30     YjgIE7YsQkSyi8hUvQyIkg 1 1   51704  987  33.4mb  33.4mb
yellow open logstash-2017.05.25             xXTiCwbXR5yDPJi2amxv3Q 5 1   19116    0     6mb     6mb

Ranjeet_Ranjan · May 30, 2017, 4:27am

Also when I change date range to last 7 days I can see some data. Last data time May 28th 2017, 03:32:46
I have installed X-pack but after that I did not see any reports.

system · June 27, 2017, 4:28am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.