Send logs from remote server on the same network

Good, I want to send the logs from a server to this one but the logs don't arrive, I show you the files to see if you can help me.

sudo cat /etc/logstash/conf.d/30-Elasticsearch-output.conf

> output {
>   elasticsearch {
>     hosts => ["localhost:9200"]
>     manage_template => false
>     index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
>   }
> }

sudo cat /etc/logstash/conf.d/10-syslog-filter.conf

> filter {
>   if [fileset][module] == "system" {
>     if [fileset][name] == "auth" {
>       grok {
>         match => { "message" => ["%{SYSLOGTIMESTAMP:[system][auth][timestamp]} %{SYSLOGHOST:[system][auth][hostname]} sshd(?:\[%{POSINT:[system][auth][pid]}\])?: %{DATA:[system][auth][ssh][event]} %{DATA:[system][auth][ssh][method]} for (invalid user )?%{DATA:[system][auth][user]} from %{IPORHOST:[system][auth][ssh][ip]} port %{NUMBER:[system][auth][ssh][port]} ssh2(: %{GREEDYDATA:[system][auth][ssh][signature]})?",
>                   "%{SYSLOGTIMESTAMP:[system][auth][timestamp]} %{SYSLOGHOST:[system][auth][hostname]} sshd(?:\[%{POSINT:[system][auth][pid]}\])?: %{DATA:[system][auth][ssh][event]} user %{DATA:[system][auth][user]} from %{IPORHOST:[system][auth][ssh][ip]}",
>                   "%{SYSLOGTIMESTAMP:[system][auth][timestamp]} %{SYSLOGHOST:[system][auth][hostname]} sshd(?:\[%{POSINT:[system][auth][pid]}\])?: Did not receive identification string from %{IPORHOST:[system][auth][ssh][dropped_ip]}",
>                   "%{SYSLOGTIMESTAMP:[system][auth][timestamp]} %{SYSLOGHOST:[system][auth][hostname]} sudo(?:\[%{POSINT:[system][auth][pid]}\])?: \s*%{DATA:[system][auth][user]} :( %{DATA:[system][auth][sudo][error]} ;)? TTY=%{DATA:[system][auth][sudo][tty]} ; PWD=%{DATA:[system][auth][sudo][pwd]} ; USER=%{DATA:[system][auth][sudo][user]} ; COMMAND=%{GREEDYDATA:[system][auth][sudo][command]}",
>                   "%{SYSLOGTIMESTAMP:[system][auth][timestamp]} %{SYSLOGHOST:[system][auth][hostname]} groupadd(?:\[%{POSINT:[system][auth][pid]}\])?: new group: name=%{DATA:system.auth.groupadd.name}, GID=%{NUMBER:system.auth.groupadd.gid}",
>                   "%{SYSLOGTIMESTAMP:[system][auth][timestamp]} %{SYSLOGHOST:[system][auth][hostname]} useradd(?:\[%{POSINT:[system][auth][pid]}\])?: new user: name=%{DATA:[system][auth][user][add][name]}, UID=%{NUMBER:[system][auth][user][add][uid]}, GID=%{NUMBER:[system][auth][user][add][gid]}, home=%{DATA:[system][auth][user][add][home]}, shell=%{DATA:[system][auth][user][add][shell]}$",
>                   "%{SYSLOGTIMESTAMP:[system][auth][timestamp]} %{SYSLOGHOST:[system][auth][hostname]} %{DATA:[system][auth][program]}(?:\[%{POSINT:[system][auth][pid]}\])?: %{GREEDYMULTILINE:[system][auth][message]}"] }
>         pattern_definitions => {
>           "GREEDYMULTILINE"=> "(.|\n)*"
>         }
>         remove_field => "message"
>       }
>       date {
>         match => [ "[system][auth][timestamp]", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss" ]
>       }
>       geoip {
>         source => "[system][auth][ssh][ip]"
>         target => "[system][auth][ssh][geoip]"
>       }
>     }
>     else if [fileset][name] == "syslog" {
>       grok {
>         match => { "message" => ["%{SYSLOGTIMESTAMP:[system][syslog][timestamp]} %{SYSLOGHOST:[system][syslog][hostname]} %{DATA:[system][syslog][program]}(?:\[%{POSINT:[system][syslog][pid]}\])?: %{GREEDYMULTILINE:[system][syslog][message]}"] }
>         pattern_definitions => { "GREEDYMULTILINE" => "(.|\n)*" }
>         remove_field => "message"
>       }
>       date {
>         match => [ "[system][syslog][timestamp]", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss" ]
>       }
>     }
>   }
> }

ubuntukiba@ubuntukiba:~$ sudo cat /etc/logstash/conf.d/02-beats-input.conf

> input {
>   beats {
>     port => 5044
>   }
> }

/etc/filebeat/filebeat.yml

> output.logstash:
>   # The Logstash hosts
>   hosts: ["localhost:5044"]

CLIENT

> output.logstash:
>   # The Logstash hosts
>   hosts: ["192.168.14.78(THE SERVER):5044"]

Hi @Arraso26

Did you tried disabling filter conf, maybe there is something wrong with your grok

mv /etc/logstash/conf.d/10-syslog-filter.conf /etc/logstash/conf.d/10-syslog-filter.disabled
systemctl restart logstash

And also please check debug log of filebeat agent installed on client, to see if it works properly/permission error on log file etc...