Hi, I have a trouble with loading suricata dashboard using filebeat..
I followed the steps below
and it seems that it is working well... plz check the result message below.
./filebeat setup
Overwriting ILM policy is disabled. Set `setup.ilm.overwrite:true` for enabling.
Index setup finished.
Loading dashboards (Kibana must be running and reachable)
Loaded dashboards
Setting up ML using setup --machine-learning is going to be removed in 8.0.0. Please use the ML app instead.
See more: https://www.elastic.co/guide/en/elastic-stack-overview/current/xpack-ml.html
Loaded machine learning job configurations
Loaded Ingest pipelines
./filebeat -e
2020-06-06T18:17:32.030+0900 INFO instance/beat.go:621 Home path: [/Users/kakao/Downloads/filebeat-7.7.0-darwin-x86_64] Config path: [/Users/kakao/Downloads/filebeat-7.7.0-darwin-x86_64] Data path: [/Users/kakao/Downloads/filebeat-7.7.0-darwin-x86_64/data] Logs path: [/Users/kakao/Downloads/filebeat-7.7.0-darwin-x86_64/logs]
2020-06-06T18:17:32.030+0900 INFO instance/beat.go:629 Beat ID: 12723054-cbea-431e-a322-4866bc02c680
2020-06-06T18:17:32.055+0900 INFO [beat] instance/beat.go:957 Beat info {"system_info": {"beat": {"path": {"config": "/Users/kakao/Downloads/filebeat-7.7.0-darwin-x86_64", "data": "/Users/kakao/Downloads/filebeat-7.7.0-darwin-x86_64/data", "home": "/Users/kakao/Downloads/filebeat-7.7.0-darwin-x86_64", "logs": "/Users/kakao/Downloads/filebeat-7.7.0-darwin-x86_64/logs"}, "type": "filebeat", "uuid": "12723054-cbea-431e-a322-4866bc02c680"}}}
2020-06-06T18:17:32.055+0900 INFO [beat] instance/beat.go:966 Build info {"system_info": {"build": {"commit": "5e69e25b920e3d93bec76a09a31da3ab35a55607", "libbeat": "7.7.0", "time": "2020-05-12T00:53:14.000Z", "version": "7.7.0"}}}
2020-06-06T18:17:32.055+0900 INFO [beat] instance/beat.go:969 Go runtime info {"system_info": {"go": {"os":"darwin","arch":"amd64","max_procs":8,"version":"go1.13.9"}}}
2020-06-06T18:17:32.056+0900 INFO [beat] instance/beat.go:973 Host info {"system_info": {"host": {"architecture":"x86_64","boot_time":"2020-06-06T09:13:14.898906+09:00","name":"JUN8.local","ip":["127.0.0.1/8","::1/128","fe80::1/64","fe80::1040:a30b:f608:d382/64","172.30.1.26/24","fe80::c89e:70ff:fe16:35e7/64","fe80::c89e:70ff:fe16:35e7/64","fe80::c4c8:55f1:b6ef:e012/64","fe80::2b00:ad04:7709:20d3/64","fe80::aede:48ff:fe00:1122/64"],"kernel_version":"19.4.0","mac":["dc:a9:04:8c:dd:59","82:c3:af:82:18:01","82:c3:af:82:18:00","82:c3:af:82:18:05","82:c3:af:82:18:04","82:c3:af:82:18:01","0e:a9:04:8c:dd:59","ca:9e:70:16:35:e7","ca:9e:70:16:35:e7","ac:de:48:00:11:22"],"os":{"family":"darwin","platform":"darwin","name":"Mac OS X","version":"10.15.4","major":10,"minor":15,"patch":4,"build":"19E287"},"timezone":"KST","timezone_offset_sec":32400,"id":"A92E2D5D-8A09-52C2-B8C5-754AAF4D62AE"}}}
But I cannot see any dashboards in my kibana. When I clicked Suricata logs dashboard, I got error message like this.
