/var/log/*.log is currently being fetched and rendered in Kibana, but after the initial timestamp for which the index was created, no changing of timestamps or refreshing seems to pull new data in.
I am new to this stack - surely missing something simple. The search filter is on Today and I've updated several times. No new data comes through.
Kibana only seems to see new Filebeat data when the Filebeat service is restarted.
Here is the filebeat.yml:
filebeat:
prospectors:
-
paths:
- /var/log/*.log
- /var/log/messages
- /var/log/secure
input_type: log
document_type: syslog
registry_file: /var/lib/filebeat/registry
output:
elasticsearch:
hosts: ["localhost:9200"]
logstash:
hosts: ["localhost:5044"]
shipper:
logging:
files: