I am a little confused where my issue is, using Kibana and showing data for the past month, it is only showing me data up till December 6th 23:59:36 which is the last syslog which arrived that day.
I did see that there were messages in elasticsearch logfile warning that the file system it was using was 90% full. So I have moved /var/lib/elasicsearch to another partition with more space. I have restarted both elasticsearch and logstash but still not seeing any more recent data.
Is there an easy way to tell if logstash and elasticsearch are collecting and storing data ok?