Source ip not getting reflected

ashisharyan · April 20, 2022, 6:05am

We are presently using Elk stack for receiving syslog through file beat.
We are receiving logs in logstash and also in Elasticsearch but we are not
getting source ip in our dashboard

Below is the config file of logstash

input {
    beats {
        port => "5044"
    }
}
filter {
    grok {
        match => { "message" => "%{SYSLOGLINE}"}
    }
    geoip {
        source => "clientip"
    }
}
output {
    elasticsearch {
        hosts => [ "192.168.0.105:9200" ]
    }
}

system · May 18, 2022, 6:06am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Not able to see the source ip field in the auth.log on kibana dashboard Logstash	8	3126	February 21, 2017
Need help in sending Geo Ip data from beats through logstash Beats	1	260	July 24, 2020
No connections between logstash and filebeats Beats	2	1801	April 23, 2019
Syslogging Struggle - newbie alert Elasticsearch	5	585	December 21, 2021
Port need to open for filebeat and logstash Beats filebeat	3	449	September 15, 2021

Source ip not getting reflected

Related topics