Hi. I'm having difficulty trying to load my default Kibana Dashboard because my ES stack is on a separate system compared to where I have installed winlogbeat.
Does anybody have the correct syntax that I can follow....
PS > winlogbeat setup --dashboards ........
Thanks.
Hi @jamesl,
winlogbeat setup --dashboards should be enough, but you need to make sure winlogbeat has access to both Elasticsearch and Kibana. You don't need to deploy the dashboard from the machine you will be monitoring. If there is a firewall in place, you can always install winlogbeat on a separate windows machine with access, for provisioning purposes.
Best regards
Hi Thanks for the reply Exekias.
I don't have ES or Kib on the box that has Winlogbeat installed. In the old beats package days when I wanted to import that winlogbeats dashboard I had to put a switch at the end of the command like - -es Http://elasticsearch:9200 ... or something like that. Is there a switch for this version? There is no firewall between where winlogbeat is installed and the ES/Kib Servers.
You can use common configuration for those, output.elasticsearch.hosts and setup.kibana.host. If you don't want to edit winlogbeat.yaml you can also pass these as flags, using -E
Thanks, it's working!
I have made the following changes to winlogbeat.yml:
unhashed out this line and put in my Kibana address (line 71) -->
host: "kib01:5601"
I have my 1 dashboard now - Winlogbeat Dashboard.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.