No logs from some hosts in Kibana

Good day!

I have a working ELK stack - Logstash, Kibana and 3 nodes Elasticsearch.

I see these syslog messages form hosts 10.110.0.36 and 10.110.0.37 in tcpdump on Logstash:

logstash# tcpdump -i ens192 -n host 10.110.0.37

13:46:14.153418 IP 10.110.0.37.514 > 192.168.226.23.514: SYSLOG local4.error, length: 145

13:46:14.245610 IP 10.110.0.37.514 > 192.168.226.23.514: SYSLOG local4.error, length: 114

13:46:14.246084 IP 10.110.0.37.514 > 192.168.226.23.514: SYSLOG local4.error, length: 101

13:46:14.246125 IP 10.110.0.37.514 > 192.168.226.23.514: SYSLOG local4.error, length: 177

and

logstash# tcpdump -i ens192 -n host 10.110.0.36

13:46:37.231069 IP 10.110.0.36.514 > 192.168.226.23.514: SYSLOG local4.error, length: 145

13:46:37.231129 IP 192.168.226.23 > 10.110.0.36: ICMP 192.168.226.23 udp port 514 unreachable, length 181

13:46:37.232108 IP 10.110.0.36.514 > 192.168.226.23.514: SYSLOG local4.error, length: 114

13:46:37.232149 IP 10.110.0.36.514 > 192.168.226.23.514: SYSLOG local4.error, length: 101

There are logs for host 10.110.0.37 in Kibana, but there is no for 10.110.0.36.

Could you tell me what cause that problem?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.