I'm new to using ELK and I'm encountering an issue with Kibana.
I'm importing catalina.out into Elasticsearch with Logstash.
In this part, I don't have any particular problem and the indices seem to be correctly created.
But when it comes to Kibana I just have 715 hits linked to the last Logstash index. I tried to create an index pattern from a specific Logstash one (ex: logstash-0017.04.03) but in this case I don't have any results.
I'm using Kibana 5.3 and I use the default setup. I didn't configure any specific search and I use the Time range "this year".
Does anyone have a lead on my issue?
It looks like something is not working in your parsing and that it is extracting the year as 0017 (will be hard to get this included in the Kibana time picker). You only have one index covering 2017, so what you see in Kibana appears correct.
You're right, I didn't pay attention in the first place, but I have an issue because some logs are matching the pattern TOMCAT_DATESTAMP2 and others DATESTAMP2.
I need to convert DATESTAMP2 to TOMCAT_DATESTAMP2 before I target the @timestamp field.
Thanks