I implemented a Suricata server with Filebeat to send logs to Elasticsearch. The logs are then displayed in Kibana via the Filebeat Suricata module.
My problem occurs when I enable flow logging in the Suricata log file. After a while, the logs displayed in Kibana are no longer in real time, as if the tool were not keeping up with the flow of generated logs. Is there any way around this problem?
If I disable this kind of logging, everything works fine.