I am using ES and Kibana 6.4.0 with Beats. My filebeat able to send logs directly to ES. Also when i am doing manual query on ES or Kibana Console i am able to see the log, but in kibana dashboard its not showing, even if i filter with the same "_id" in Discover its not showing.
I am using below query systex to see logs:
http://11.11.3.16:9200/filebeat-6.4.0-2018.09.06/doc/_13drmUBs98-E0L9SrHd
Result:
{"_index":"filebeat-6.4.0-2018.09.06","_type":"doc","_id":"_13drmUBs98-E0L9SrHd","_version":1,"found":true,"_source":{"offset":266182,"prospector":{"type":"log"},"source":"/var/log/secure","fileset":{"module":"system","name":"auth"},"input":{"type":"log"},"@timestamp":"2018-09-06T18:00:57.000Z","system":{"auth":{"hostname":"ipaysyslogsrv","pid":"830","program":"sshd","message":"input_userauth_request: invalid user pradip.s [preauth]","timestamp":"Sep 6 18:00:57"}},"beat":{"hostname":"ipaysyslogsrv.ipay.local","timezone":"+05:30","name":"ipaysyslogsrv.ipay.local","version":"6.4.0"},"host":{"name":"ipaysyslogsrv.ipay.local"}}}
I am new with ES, your help will be appreciated.