Syslog messages not displayed for kibana interface

Mohamed_Afzal · July 10, 2019, 3:28pm

Hi,

I have setup an ELK and run winlogbeat and filebeat. Winlogbeat logs displayed in the kibana interface but the syslog from the devices not showing up. when i do a tcpdump port 5544(the port i have setup to listen for syslog messages, it shows the FQDN name of the device which send the syslogs.

my file in /etc/logstash/conf.d/01-beats-input.conf
input{
syslog {
port => 5544
type => 'syslog'
}
}

but when i do as follows it gives and error messages but shows the logs in kibana
input{
syslog {
port => 5544
type => 'syslog'
codec => json
}
}

please let me know what i am doing wrong here did i miss anything. hope to hear from you ASAP

system · August 7, 2019, 3:28pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Kibana - Syslog and Winlogbeat are not visible Beats	1	481	July 29, 2020
Filebeat Cannot Parse Syslog File from Aerohive Beats filebeat	3	702	September 18, 2019
Winlogbeat indices works but not see in Kibana Beats	9	1191	May 22, 2018
Filebeat logs to logstash to kibana Beats filebeat	10	3087	February 16, 2018
Winlogbeat data missing Beats winlogbeat	6	924	August 18, 2022

Syslog messages not displayed for kibana interface

Related topics