All,
I'm brand new to ELK. I got it up and running on a linux installation and currently I have one windows server sending it's logs to elasticsearch. I decided to install the X-Pack and since doing that logs are not being transmitted.
I'm a little unsure about what configuration changes I likely need to make. Can someone point me in the right direction? Do I need to alter kibana, elasticsearch and/or logstash yml files? Here's an example of what i'm seeing in my winlogbeat log.
2017-07-07T20:32:25-05:00 INFO Home path: [C:\Program Files\winlogbeat] Config path: [C:\Program Files\winlogbeat] Data path: [C:\ProgramData\winlogbeat] Logs path: [C:\Program Files\winlogbeat\logs]
2017-07-07T20:32:25-05:00 INFO Setup Beat: winlogbeat; Version: 5.4.3
2017-07-07T20:32:25-05:00 INFO Loading template enabled. Reading template file: C:\Program Files\winlogbeat\winlogbeat.template.json
2017-07-07T20:32:25-05:00 INFO Loading template enabled for Elasticsearch 2.x. Reading template file: C:\Program Files\winlogbeat\winlogbeat.template-es2x.json
2017-07-07T20:32:25-05:00 INFO Loading template enabled for Elasticsearch 6.x. Reading template file: C:\Program Files\winlogbeat\winlogbeat.template-es6x.json
2017-07-07T20:32:25-05:00 INFO Elasticsearch url: http://10.240.1.130:9200
2017-07-07T20:32:25-05:00 INFO Activated elasticsearch as output plugin.
2017-07-07T20:32:25-05:00 INFO Publisher name: mcgarrett
2017-07-07T20:32:25-05:00 INFO Flush Interval set to: 1s
2017-07-07T20:32:25-05:00 INFO Max Bulk Size set to: 50
2017-07-07T20:32:25-05:00 INFO State will be read from and persisted to C:\ProgramData\winlogbeat.winlogbeat.yml