Hi All,
I've configured the ELK system for monitoring Palo Alto Log using Filebeats Modules PANW.
i check the data index management is real time counting and grow, but when i go to Discover not showing any data.
Thankyou All
@Xenial welcome to the community!
Go To Discover Select filebeat-* index pattern and increase the time range to say last 30 days.
Do you see anything?
Hello @stephenb , thankyou for your respond.
Today i've check my server, now data from Palo Alto log show on discover.
But i see the timestamp is wrong, timestamp not same in the real Time.
Note: Redline is the real time on my country
What is your setting here.
NOTE :
All Date Fields are stored and UTC in Elasticsearch, however they can be ingested improperly if the original message / ororiginating system does not include / have the proper timezone
Date / Timestamp fields are displayed in Kibana according to the browser timezone setting (default)
Thankyou Very Much @stephenb , now my data from module PANW looks great.
Anyway, can you help me for another issue?
https://discuss.elastic.co/t/create-different-index-management-and-index-pattern-for-different-firewall-devices/294678
Thankyou
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
