Hello all,
I have try to run stack ELK for fortinet's syslog.
It's works and on kibana I see the log, but almost all fields are not searchable and they have a 
before the name... 
I have used on logstash kv filter and in this mode:
filter {
kv {
source => "message"
}
}It's works fine because find all key and value but in kibana it is not searchable...
Sounds like you need to refresh the index pattern.
Hello @Badger, in Kibana settings, under Index management of elasticsearch I have select the index and select Refresh Index but the problem is the same...
It is necessary drop the current index? For me this solution it isn't a problem...
Hi @Badger, I have solved 
It is necessary refresh the index of kibana, not elasticsearch.
Thanks a lot for suggestion.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.