Hello. I have a server on which I am running Suricata. On the same server I have installed Filebeat, which I am using to send my Suricata logs to Elasticsearch. I have set up ES and Kibana inside a VM. After starting everything I am able to see the Filebeat Suricata page in Elasticsearch; however, every field is empty and there are no logs. I have looked everywhere but couldn't find anything.
Hi Dhurv, welcome to the Elastic community. Can you try to run the command below and check whether you are getting any error or warning?
filebeat -e -c filebeat.yml
Hi Ashish, I don't have a file named myfilebeatconfig.yml.
You can try
filebeat -e -c filebeat.yml
The purpose of this command is to run Filebeat in verbose mode and check whether it's throwing any error/warning.