i am new to cloud elastic. i am following this step
after doing the
import_dashboards -only-index -es http://93bb827b4a16fa433486bd5a2de84b12.eu-west-1.aws.found.io:9200 -user elastic -pass xxxxxxxxxxxx -beat filebeat
filebeat-* is appearing in my kibana discover page but it has no results found 
do i need to match the timestamp format in the template filebeat.json and timestamp format in my log?
You don't have to match the timestamp format, although implicit timezones can skew results.. Beyond making sure a timezone is specified that should be fine.
A good starting point would be to make sure filebeat documents are being indexed. Does a GET on http://your-es-instance:9200/filebeat-*/_search show any documents?
If there are documents, then I would take a closer look at timestamps. The time picker in kibana's top right corner will default to the last 15 minutes, and this time range may need to be expanded.
no documents unfortunately
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 121 100 121 0 0 1287 0 --:--:-- --:--:-- --:--:-- 1287{"took":0,"timed_out":false,"_shards":{"total":0,"successful":0,"failed":0},"hits":{"total":0,"max_score":0.0,"hits":[]}}
where to specify the timezone?
do i need to write a parser to parse my logs and push it to kibana using curl post?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.