I was wondering if someone could guide me or help me with this issue I
have been having. I think I know where I'm wrong, I just don't know what to do
about it. Alright, so I have been following 2 guides to get my pfSense
to send all the logs. I am using lbuntu for the operating system.
So I did everything that the guide says and even the Kibana web
interface shows up, but the part I'm stuck on is the Logstash. I think the
part where I'm confused on the second guide is where he says I need to
put this other file pfsense2-2.grok into the patterns folder, but I have
no idea where to add the patterns folder. And the pfsense2-2.grok: https://gist.github.com/elijahpaul/f5f32d4e914dcb7fedd2
Because when I run tail -f /var/log/logstash/logstash.stdout
I get an outcome of "get pattern log not defined" (see pics),
and also I'm not sure why I am not getting dashboards for pfSense; instead I get a Kibana dashboard or a Logstash dashboard.
Hi Mark,
Thank you for replying so quickly. My apologies on GitHub, I'm somewhat new to this stuff. Here are the pastebins. So if I understood correctly, I would open PuTTY, then type vim /opt/logstash/patterns/pfsense2-2.grok
Edit that file using this pastebin: https://gist.github.com/elijahpaul/f5f32d4e914dcb7fedd2
So I figured out what I did wrong. For people who are having trouble, I will make a full tutorial on installing ELK after I get geoip working with curator on automatic deletion. What happened: I had to join those 3 .conf files and make them into one and call it logstash.conf, and needed to point my .grok files to the patterns directory in the logstash.conf.
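The "pattern not defined" failure discussed in this thread can be caught before Logstash starts by listing every grok pattern the config references and checking that a loaded pattern file defines it. The Python sketch below is an added example, not part of the original posts or the guides they mention. The sample config, the `EXAMPLE_FW_*` pattern names and the `BUILTIN` subset are constructed for illustration; only the `/opt/logstash/patterns` path comes from the thread.

```python
import re

# %{NAME}, %{NAME:field} or %{NAME:field:type} inside a grok expression
REF = re.compile(r"%\{([A-Z0-9_]+)(?::[^}]*)?\}")
# patterns_dir => "/dir"   or   patterns_dir => ["/a", "/b"]
PDIR = re.compile(r"patterns_dir\s*=>\s*(\[[^\]]*\]|\S+)")

def parse_pattern_file(text):
    """Return {name: regex} from a grok pattern file ('NAME regex' per line)."""
    patterns = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            name, _, body = line.partition(" ")
            patterns[name] = body.strip()
    return patterns

def patterns_dirs(conf_text):
    """Directories named by every patterns_dir setting in the config."""
    dirs = []
    for value in PDIR.findall(conf_text):
        dirs += re.findall(r"""["']([^"']+)["']""", value)
    return dirs

def undefined_patterns(conf_text, pattern_files, builtin=()):
    """Names the config or a custom pattern references that nothing defines."""
    custom = {}
    for text in pattern_files:
        custom.update(parse_pattern_file(text))
    referenced = set(REF.findall(conf_text))
    for body in custom.values():
        referenced |= set(REF.findall(body))
    return sorted(referenced - set(custom) - set(builtin))

# Constructed sample input, not the page's files; EXAMPLE_FW_* are hypothetical.
SAMPLE_CONF = '''
filter {
  grok {
    patterns_dir => ["/opt/logstash/patterns"]
    match => { "message" => "%{SYSLOGTIMESTAMP:ts} %{EXAMPLE_FW_LOG}" }
  }
}
'''
SAMPLE_GROK = '''
# custom patterns
EXAMPLE_FW_LOG %{INT:rule},%{EXAMPLE_FW_IFACE:iface},%{IP:src_ip}
'''
BUILTIN = {"SYSLOGTIMESTAMP", "INT", "IP"}  # small subset of the shipped patterns
```

In real use, pass the text of every file found under the directories returned by `patterns_dirs()` as `pattern_files`, and the names from Logstash's shipped pattern files as `builtin`. An empty result means every referenced pattern resolves, so firewall events are not silently left unparsed.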