Kibana query is always empty

Elastic Stack Kibana
1

Hi,

I'm runing a query in Kibana but the result is always empty. I Tested the same query in ES and it works fine. Here are the queries:

Kibana query: *
Kibana index: p0f-*

Elasticsearch query: /p0f-*/_search?pretty=true&q=*:*

This is an example of the result of the ES query:

{
            "_index" : "p0f-2017.04.17",
            "_type" : "p0f",
            "_id" : "AVuSbdlTx4ZGFebgoK2X",
            "_score" : 1.0,
            "_source" : {
              "app" : "???",
              "cli" : "192.168.xx.xx/36418",
              "product" : "p0f",
              "mod" : "http request",
              "params" : "none",
              "path" : "/var/log/p0f/p0f.log",
              "@timestamp" : "2017-04-17T15:36:25.000Z",
              "srv" : "108.175.xx.xx/80",
              "@version" : "1",
              "host" : "f6d67d2d69ea",
              "subj" : "cli",
              "lang" : "English",
              "timestamp" : "2017/04/17 15:36:25"
}

I set the search time to 5 years, and I don't know what else to do. Also tied with an other index and worked perfectly.

Regards,
Joaquín Silva

2

Did you use the @timestamp or the timestamp field as your date field? If you used the later elasticsearch might not be parsing that format correctly.

3

It was a problem with the browser cookies. I deleted them and it worked.

4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.