Hi all,
Just wondering if anyone can provide me some guidance. I have Elasticsearch/Kibana running on a Ubuntu Server VM. My goal is to monitor Windows machines in my homelab. I've installed Winlogbeat on one of the Windows hosts to get it going. The logs seem to be making their way to the Ubuntu server fine. However, the issue I am having is presenting the data accurately. If I access my instance @ http://x.x.x.x:5601/ from the Windows hosts, all logs are displayed fine. If I access the instance from any other device on my network, majority of the logs are missing, some come through but others don't. Am I missing something? I thought the web app was just responsible for displaying data that was already fetched and stored on the Ubuntu vm?
I have attached a screenshot below as an example. In the screenshot I have purposely triggered a failed ssh login attempt. As you can in the Windows 11 machine the data shows up fine. On OSX/Any other device the data is missing. Sometimes it will show, but majority of the time the data doesn't come through. This is for all types of logs.. not just SSH
I was unsure of what information would needed to help diagnose this. If you need anything else, please let me know
Thanks