Enable modules & Could not locate that index-pattern-field

Hello,
I am trying to enable system module in Elasticsearch (6.2.*). I have used CLI (on kibana):

filebeat modules enable system

But when I go to kibana I get the following message:

Could not locate that index-pattern-field (id: system.syslog.hostname)

or

Could not locate that index-pattern-field (id: system.auth.ssh.event)

or
...

What is missing ?

I also ran the following command:

filebeat setup --template -E output.logstash.enabled=false -E 'output.elasticsearch.hosts=["myelk:9200"]'

But it didn't help.
What am I supposed to run now ?

What is the output of ./filebeat modules list? Have you set index pattern in Kibana on startup? Have you tried sending messages already?

filebeat modules list

Enabled:
nginx
system

Disabled:
apache2
auditd
icinga
kafka
logstash
mysql
osquery
postgresql
redis
traefik

I have set index pattern in Kibana with filebeat-* and I already have data there (in Discovery). But then I added those two modules but cannot see any dashboards ...

It seems to me that it is a Kibana error. Could you post your question in the Kibana forum?

Of course !

Any hint what might be wrong ?

From the log:
|2018-05-30T15:28:33.283Z|INFO|kibana/client.go:69|Kibana url: http://localhost:5601| |---|---|---|---|
|2018-05-30T15:28:59.279Z|INFO|instance/beat.go:583|Kibana dashboards successfully loaded.|
|2018-05-30T15:28:59.279Z|INFO|instance/beat.go:301|filebeat start running.|

But:

curl -s http://localhost:9200/.kibana/dashboard/_search?pretty

{ "took" : 0, "timed_out" : false, "_shards" : { "total" : 1, "successful" : 1, "skipped" : 0, "failed" : 0 }, "hits" : { "total" : 0, "max_score" : null, "hits" : [ ] } }

Don't really understand - is it supposed to display all the dashboards or not ?

Anyone any hint to help ?

Can anyone help me please ?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.