ELK ESXi Dashboard

Hello, I use Elastic Search, Kibana and Logstash

I would like to create a dashboard that includes a pannel with:

1. Successful connections on an Esxi with root from an IP that is not mine .

2. Failed connections on an Esxi with root from an IP that is not mine.

I would like to display for these pannels only the message with the user name, the login IP and the message that says "successful login from root..."

The problem is that I don’t have fields with only IP, nor fields with short message.

How can I make these dashboards?

Thanks you

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.