I have install elastic-agent on my one of the host and enabled the sophos module on TCP. I have receiving logs on elastic i have this with the help of tcpdump but not able to see in discovery and dashboard.
Can someone please help me out in this.
Thanks in advance
To get data in Discover and Dashboards you need to create a Data View for your index or set of indices.
Please take a look at the here page where you can get an overview of basic (but relevant!) Kibana concepts. In particular:
Accessing data with data views
Kibana requires a data view to tell it which Elasticsearch data you want to access, and whether the data is time-based. A data view can point to one or more Elasticsearch data streams, indices, or index aliases by name.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.