SIEM Network Map Errors

Lin2020 · March 5, 2021, 3:24pm

The error on the map is "The Source Point and Destination Point no results found"

and

SIEM-Network-Flows: Autonomous system, Bytes in, Bytes out....no items displayed

Discover error-firewall logs

ylasri · March 16, 2021, 5:49pm

You have to make sure fields of your logs are mapped correctly to the ECS schema with the right mapping,

Here is the reference to the source & destination fields of the ECS schéma

You can use logstash geoip filter to add ASN infos about src/dst IP

system · April 13, 2021, 5:49pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
GeoIP Filter Mapping Error. What dynamic mapping is required? Logstash elastic-stack-monitoring , elastic-stack-security	3	415	August 19, 2020
ECS expect `target` value Logstash	9	1546	July 30, 2022
SIEM network map states "Error loading map features" at all end points Elastic Security	1	359	December 3, 2021
Logstash ECS Compatiblity Issues Logstash	6	3127	June 6, 2022
Aggregating Source IP and Destination IP pairs on Firewall logs Elasticsearch	2	2184	July 19, 2019