ELK stack 8 - Kibana - Filebeat

Elastic Stack Kibana
1

Hello,

I installed the ELK Stack 8 on debian 12.
In the virtual machine i have Elasticsearch/Kibana/Logstash.

On my-srv-ip:5601, in the elastic dashboard, just below home, i dont have the menu : -kibana.
I just have :

  • Analytics ; - Search ; -Observability ; -Security ;

Kibana is however running on the server. Is it normal ? should i add the kibana integration ?

I need it because i installed Filebeat on a rsyslog server. I want to send all the rsyslog on my ELK stack to analyze them with Kibana.

I modified the filebeat.yml with informations of ELK but I have the feeling Filebeat does not send anything.

setup.kibana:
host : "192.168.90.200:5601"

output.elasticsearch:
host: [192.168.90.200:9022"]
username: "elastic"
password: "..."

Thx in advance.

Kind regards,

2

Hi @alrightbabyboy Welcome to the Elastic community.

Could you please troubleshoot and check if you getting any error in log?

3

hello, thx for wlecome.

On the RSYSLOG SRV, i execute : "sudo filebeat setup", it's returrns :

image
image1894×359 36.2 KB

I just want send syslogs to ELK.
What's wrong ? Is anything else to do ?

How can I retrieve logs from ELK and display them in a dashboard?

I have Elastic 8.15

4

sudo filebeat setup -e :

image
image1907×719 151 KB

5

what output below command gives -

filebeat -e -d "*"

It will display all logs which will read by filebeat.

6

image
image1908×509 116 KB

7

Tried to restart : - elastic, kibana then logstash.

The RSYSLOG Server has send logs to Kibana. Its a first step.

I dont understand how to visualise them on the syslog dashboard.

I can only see logs on Observability > Logs > Stream

image
image1533×654 131 KB

9

image
image1623×564 56.3 KB