Hello i have a problem on how i going to transfer my fail2ban logs going to kibana visualization i already installed the filebeat log shipper on my server where fail2ban is installed but the problem is only the message is showing i dont have any idea to create a visualization on kibana can help me on this problem
Hi @ememman29
You need to parse your message to see fields and values on the kibana, before you start creating visualizations.
If you have shipped the data using logstash, you may parse data using logstash script - filter section. Refer Parsing Logs with Logstash | Logstash Reference [7.12] | Elastic
Or if you don't have the logstash, you may check to parse log at filebeat.
The key here is data being ingested to Elasticsearch has to be in JSON.
Hope this helps!
Hello Thanks for the reply for now im using ELK cloud and my logstash not yet created so do i need to setup my logstash in elk cloud so i can parse the log with filebeat? or is there another without the logstash??
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.