I have my installation of the ELK stack up and running. All three aspects are running on separate servers but they all communicate and can talk to one another. I have not yet installed any Beats or Security on the installation; however, I have forwarded port 514 to a new one so that the Syslogs that are being directed to my Logstash can be collected and seen. After running a tail on the logstash-plain.log I see that `UDP Listener started { :address=>"0.0.0.0:50XX", : receive_buffer_bytes=>"106496", :queue_size=>"2000"}`.
This makes me secure in believing I have UDP syslogs being collected. Where would I see them on the Logstash server, using Terminal? There is no Desktop interface.
I am trying to see what information, if any, is being passed to the Logstash. After speaking to another person, the information should be getting to Elasticsearch and of course from there to Kibana, where I can run searches through DevTools.
Please don't post pictures of text or code. They are difficult to read, impossible to search and replicate (if it's code), and some people may not even be able to see them.
Please also format your code/logs/config using the </> button, or markdown style back ticks. It helps to make things easy to read, which helps us help you.
And if you've found a solution then it'd be good to share it in the thread, it might help someone in future.
My bad on the picture. Not something I do regularly, you can check other posts.
In the end the error was being displayed due to the positioning of my code. I had the output of the syslog placed above the output for the Beats. This was causing my troubles. When I moved the syscode output down below the Beats output it worked.