I am new to the ELK thing. I want to get an alert whenever there is a failed SSH attempt on a number of servers. I am able to get the alert whenever there is a failed attempt and if the log reaches Kibana. However, the problem is that for most of the failed attempts, the logs are not showing up in Kibana; that is why my query is also not working and I am not getting the alerts. I am using Filebeat.