Hi I have setup elastic agent in an elasticsearch 8.7 environment and up to a few days ago everything was working fine but now it is not sending the ssh failed events to the elasticsearch which was a no problem in previous days. Everything else is working fine even ssh Accepted events are being sent to elasticsearch. Does anyone know the cause of this problem?
Hi @hoomant
Have you tried restarting the services? Have there been any recent changes to your network? Have you checked the logs for information that might help?
Best regards