I am using winlog beat to send my windows logs to logstash and from there to elasticsearch. Everything looks good till index pattern as once i give winlog beat as index pattern in kibana , I can see field asking me to create new index, however once I create index pattern its giving me error unable to fetch mapping.Pls I can see winlog beat added as index pattern but *sign is grayed out usually its with yellow color and I cannot even observe any logs.
Note I am using kibana 5.5.0
Few screenshots-Please help as I feel I have at stuck last part
Is the issue that your winlogbeat-* index pattern is not showing any data? Or that you don't have an index pattern for logstash-* as it says in your last screenshot?
It looks like you successfully created the winlogbeat-* index pattern, though no results show up. Does it help if you expand the time range? Are you sure you have winlogbeat data being indexed? Perhaps the issue is not with Kibana but with your beats data not being indexed properly.
but *sign is grayed out usually its with yellow color and I cannot even observe any logs.
I'm not sure what you mean by this, can you explain further? What * sign is greyed out?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
