Kibana has no data in Discover (DOCKER)

(Brandon Mcgrath) #1

I'm setting up ELK within Docker and so far it's been quite confusing. However, I now have it all up but Kibana has no data in Discover. If I do: http://IP/_cat/indices I can see data.

green open .kibana               1 1   2 0  19.1kb   9.5kb 
green open winlogbeat-2016.10.13 5 1 200 0 589.9kb 326.4kb 

This is a simple winlogbeat log from locking my pc to trigger an event.

http://IP/_cluster/health?pretty shows:

  "cluster_name" : "elasticsearch",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 11,
  "number_of_data_nodes" : 11,
  "active_primary_shards" : 6,
  "active_shards" : 12,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0

The above doesn't say that there are any indices but /_cat/indices does? It seems like Kibana isn't communicating properly.
The docker image I used was

All statuses are green too, so I'm a little stuck.

Any advice would be appreciated!


(Joe Fleming) #2

The Docker image is "official" only in that the Docker folks posted it. In any event, the fact that it's using Docker shouldn't matter here.

It sounds like you were able to add the index pattern to Kibana, and you're just not seeing any data. First, make sure you have data in your index using the query below and checking for hits:

GET winlogbeat-*/_search

If you have data, perhaps there's a timestamp issue. If you have Kibana set up for the last 15 minutes, and your data is only being indexed in the past, then you won't see anything. Try changing the time range to the last 24 hours, or the last 7 days, and see if you see anything. If so, make a note of the time on the newest data, and that's the timezone offset you're dealing with.
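Added example, not part of the thread: a small Python helper that takes the body returned by the `GET winlogbeat-*/_search` query above, checks that it actually has hits, and then reports whether the newest `@timestamp` falls inside a given Discover time range and how many hours behind (or ahead of) the Kibana host's clock it is, which is the timezone offset the reply describes. The sample response is constructed and trimmed to the fields that matter.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample of a GET winlogbeat-*/_search response; not a real capture.
SAMPLE_RESPONSE = json.dumps({
    "hits": {
        "total": 200,
        "hits": [
            {"_index": "winlogbeat-2016.10.13",
             "_source": {"@timestamp": "2016-10-13T09:15:00.000Z", "event_id": 4800}},
            {"_index": "winlogbeat-2016.10.13",
             "_source": {"@timestamp": "2016-10-13T14:02:30.000Z", "event_id": 4800}},
        ]
    }
})


def parse_ts(value):
    # winlogbeat writes @timestamp as ISO-8601 in UTC with a trailing 'Z'
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)


def diagnose(response_json, now, window):
    """Explain why Discover may look empty for the given search response.

    response_json: raw body of GET winlogbeat-*/_search
    now: current UTC time as the Kibana host sees it
    window: the Discover time range, e.g. timedelta(minutes=15)
    """
    body = json.loads(response_json)
    hits = body["hits"]["hits"]
    total = body["hits"]["total"]
    if isinstance(total, dict):  # newer Elasticsearch wraps the count as {"value": N, ...}
        total = total["value"]
    if total == 0 or not hits:
        return {"has_data": False, "in_window": False, "newest": None, "lag_hours": None}
    newest = max(parse_ts(h["_source"]["@timestamp"]) for h in hits)
    lag = now - newest
    return {
        "has_data": True,
        "newest": newest.isoformat(),
        # events older than the window (or stamped in the future) never show up
        "in_window": timedelta(0) <= lag <= window,
        # a lag close to a whole number of hours usually means events were
        # stamped in local time but interpreted as UTC, or the other way round
        "lag_hours": round(lag.total_seconds() / 3600, 2),
    }
```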

(system) #3