No logs from some hosts in Kibana

swb · June 26, 2019, 11:34am

Good day!

I have a working ELK stack - Logstash, Kibana and 3 nodes Elasticsearch.

I see these syslog messages form hosts 10.110.0.36 and 10.110.0.37 in tcpdump on Logstash:

logstash# tcpdump -i ens192 -n host 10.110.0.37

13:46:14.153418 IP 10.110.0.37.514 > 192.168.226.23.514: SYSLOG local4.error, length: 145

13:46:14.245610 IP 10.110.0.37.514 > 192.168.226.23.514: SYSLOG local4.error, length: 114

13:46:14.246084 IP 10.110.0.37.514 > 192.168.226.23.514: SYSLOG local4.error, length: 101

13:46:14.246125 IP 10.110.0.37.514 > 192.168.226.23.514: SYSLOG local4.error, length: 177

and

logstash# tcpdump -i ens192 -n host 10.110.0.36

13:46:37.231069 IP 10.110.0.36.514 > 192.168.226.23.514: SYSLOG local4.error, length: 145

13:46:37.231129 IP 192.168.226.23 > 10.110.0.36: ICMP 192.168.226.23 udp port 514 unreachable, length 181

13:46:37.232108 IP 10.110.0.36.514 > 192.168.226.23.514: SYSLOG local4.error, length: 114

13:46:37.232149 IP 10.110.0.36.514 > 192.168.226.23.514: SYSLOG local4.error, length: 101

There are logs for host 10.110.0.37 in Kibana, but there is no for 10.110.0.36.

Could you tell me what cause that problem?

system · July 24, 2019, 11:34am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Syslog not shown in kibana Kibana	2	2653	July 6, 2017
Logstash with syslog input doesn't send logs to Elasticsearch Logstash elastic-stack-security	1	491	July 22, 2020
Logstash not sending syslog to elasticsearch Logstash	42	3780	December 17, 2021
Logstash 6.0, not logging similar messages from two different hosts Logstash	3	605	January 6, 2018
There is no data in kibana Kibana	4	1051	December 27, 2017