Hello, I'm a newer in ELK and started support already deployed environment.
The thing is we have netflow and ipfix data. Both are correct found in Kibana discovery, but only netlow is visualized in Dashboard. I've tried to find any filters which can or should manage it, but without success.
So I need your help or at least a hyperlink to article.
Thank you in advance!
Hey @Big_Ben, Dashboards contains visualizations, which themselves display the data which is stored in Elasticsearch. Is there a specific Visualization which isn't displaying the data you're looking for? Are you using the Dashboards which filebeat automatically created for you? If so, these Visualizations are likely built to only pull in data from the filebeat-* indices, so they're missing the ipfix data.
My colleague has just found out that there was a necessary filter on Logstash which was disabled.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.