Hi guys,
I'm trying to get a really basic Netflow setup with Elasticsearch and Kibana.
Logstash seems to be receiving the NetFlow records OK, and I can see that Elasticsearch creates an index within Kibana.
However, when I click on Discover in Kibana, nothing is coming through, even with the date range set back to 5 years.
Below is my logstash.conf file.
input {
  udp {
    port => 9995
    codec => netflow {
      definitions => "/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-codec-netflow-0.1.6/lib/logstash/codecs/netflow/netflow.yaml"
      versions => [5]
    }
  }
}
output {
  stdout { codec => rubydebug }
  elasticsearch {
    index => "logstash-netflow9-%{+YYYY.MM.dd}"
    node_name => "logstash"
    cluster => "elasticsearch"
    host => "127.0.0.1"
  }
}
I am a total newbie with this stuff so apologies if my question is very basic. Thanks
EDIT: Never mind, I was too impatient. Elasticsearch took its time displaying the data. This can be closed.