Hi community
I view the data on my Ubuntu client machine, and then on another Windows machine thanks to the same ELK supervision server, but I wonder why I also find the data processed on the Ubuntu machine on the Windows one.
Can you clarify your set up a bit more?
What I'm guessing:
You have one Elasticsearch cluster and one Kibana instance connected to this Elasticsearch cluster.
You have two hosts (Ubuntu and Windows), and you're collecting signals from both of these hosts and sending them to your Elasticsearch cluster.
That means that the data from both hosts are in the same database, and your Kibana is connected to this database, hence when you visit Kibana (no matter from which machine) it talks to the same Elasticsearch cluster which contains both data from your Ubuntu host and your Windows host.
You can easily filter out the data in Kibana if you only want to look at data from one host at a time.
Okay, now I understand. That's exactly what I was trying to understand. Thank you for the explanation.