Does anyone encounter this?
There is no data in field: process name
Hi @Cruz
Did you filter events in discovery? Did you check if you have any date/time filters that could harm the dashboard?
A good tip is to confirm if there are process events being collected by the agents, through the discovery module.
Best regards
Hi @grfneto, thank you for your kind response.
I tried to filter it on the discovery module but there is no logs found.
What is the problem with this?
my filebeat shipper installed on my test server in Ubuntu OS.
I installed a new Ubuntu OS and tried to setup the filebeat there but encountered the same issue.
I just followed the instruction here Filebeat Installation GUIDE
I am using ELK version 8.7.0 and filebeat is also version 8.7.0
BTW that is an invalid KQL query should be
process.name: *
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.