How to get IPTable information using beats or elastic agent

When I type the command iptables -S, I see this:

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N f2b-pizza-login
-A INPUT -p tcp -m multiport --dports 0:65535 -j f2b-pizza-login
-A f2b-pizza-login -s 192.168.88.16/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-pizza-login -j RETURN

I then successfully installed filebeat on this same machine. This is what my /etc/filebeat/modules.d/iptables.yml looks like:

- module: iptables
  log:
    enabled: true

When I go to Kibana > Dashboard > [Logs Iptables] Overview, none of the visualizations show any data.

When I go to Kibana > Discover and search for the term pizza, no results show up when I search the data views filebeat-* or logs-* or these data views:

In fact none of the data views show any mention of the term pizza.

I also tried installing a standalone elastic agent and using the IP Tables integration. Again, no mention of the term pizza in any of the dataviews or dashboards.

I can see the filebeat and elastic agent are both successfully transmitting other pieces of information to my elastic+kibana stack. But I'm just not getting anything related to the f2b-pizza-login chain.

I am open to using other elastic tools to get information about the f2b-pizza-login chain of the iptables into my elastic stack.

What am I doing wrong? Or what tools should I be using?


I am using Elasticsearch and Kibana version 8.11.3
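
An added example, not part of the original post or of any Elastic project: the `iptables -S` listing above is command output rather than a log file, so one way to make it searchable is to convert each line into a JSON document that a file-based shipper could then collect. The function names and field names are hypothetical, and the sample input is the output quoted in the post.

```python
import json
import shlex

# Constructed sample: the `iptables -S` output quoted in the post.
SAMPLE = """\
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N f2b-pizza-login
-A INPUT -p tcp -m multiport --dports 0:65535 -j f2b-pizza-login
-A f2b-pizza-login -s 192.168.88.16/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-pizza-login -j RETURN
"""

# Hypothetical field names for the options that take a value.
FIELDS = {"-s": "source", "-d": "destination", "-p": "protocol",
          "-i": "in_interface", "-o": "out_interface", "-j": "target",
          "-g": "goto", "--dport": "dport", "--dports": "dports",
          "--reject-with": "reject_with"}

def parse_rules(text):
    """Return one dict per line of `iptables -S` output."""
    events = []
    for line in text.splitlines():
        tokens = shlex.split(line)
        if len(tokens) < 2 or tokens[0] not in ("-P", "-N", "-A"):
            continue  # blank or unrecognised line
        kind = {"-P": "policy", "-N": "chain", "-A": "rule"}[tokens[0]]
        event = {"type": kind, "chain": tokens[1], "raw": line}
        if kind == "policy" and len(tokens) > 2:
            event["target"] = tokens[2]
        args, negate = iter(tokens[2:]), False
        for tok in args if kind == "rule" else ():
            if tok == "!":           # "! -s 10.0.0.1" negates the next option
                negate = True
                continue
            if tok in FIELDS:
                value = next(args, "")
                event[FIELDS[tok]] = ("!" + value) if negate else value
            negate = False
        events.append(event)
    return events

def to_ndjson(events):
    """One JSON object per line, a shape file-based log shippers can read."""
    return "\n".join(json.dumps(e, sort_keys=True) for e in events)

if __name__ == "__main__":
    print(to_ndjson(parse_rules(SAMPLE)))
```

Run on a schedule against live `iptables -S` output and written to a file, the `chain` field lets a search for `f2b-pizza-login` match both the rule that jumps to the chain and the rules inside it.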
