Syslog not shown in kibana


(Simroo) #1

Hello
I got my ELK to work, and I can websurf to the localhost, but I can't send syslog messages to the host.
All I get is the message "no results found". I'm running it on Debian Linux, and this is a fresh install that I just got working.
I have configured an Aruba controller and a Juniper switch to send all logs to the host, but none show up in Kibana.
What do you guys think? Is there a way to check if the logs are reaching the host?
I can ping from both units to the local host and also back, and I have an any-any allow policy between them.
Thank you


(Lee Drengenberg) #2

Hi Simroo,
I would start by checking if your data is getting into Elasticsearch.
These results look best if you use the Chrome browser with the "JSON Formatter" extension installed.
If you start with http://localhost:9200/ you should see basic info about your cluster.
http://localhost:9200/.kibana should show you your Kibana index (not very useful in itself).
If you know the index your data is in, you should see the mapping with something like this: http://localhost:9200/logstash-2015.12.22/
And get a count of the data in that index like this: http://localhost:9200/logstash-2015.12.22/_count
If your data isn't getting loaded, we should move this to the Logstash area. If it is, can you tell us the Elasticsearch version and Kibana version you're using?

Thanks,
Lee
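
The `_count` check from the reply above, scripted so it can be run on the ELK host without a browser. This is an added example, not part of the original posts; the function names, the `logstash-` prefix default, and the diagnostic wording are assumptions made here.

```python
import json
import sys
import urllib.error
import urllib.request
from datetime import datetime, timezone


def daily_index(day, prefix="logstash-"):
    """Index name in the daily pattern used in the reply, e.g. logstash-2015.12.22."""
    return prefix + day.strftime("%Y.%m.%d")


def diagnose(status, body):
    """Interpret the HTTP status and body returned by GET /<index>/_count."""
    if status == 404:
        return "index missing: data is not getting loaded, look at Logstash"
    if status != 200:
        return "unexpected HTTP status %d" % status
    try:
        doc = json.loads(body)
        count = int(doc["count"])
    except (ValueError, KeyError, TypeError):
        return "response is not a _count result"
    failed = doc.get("_shards", {}).get("failed", 0)
    if failed:
        return "count=%d but %d shard(s) failed" % (count, failed)
    if count == 0:
        return "index exists but is empty"
    return "%d documents loaded: data is reaching Elasticsearch" % count


def fetch(url, timeout=5):
    """GET a URL and return (status, body), including for HTTP error statuses."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")


def check(base="http://localhost:9200", day=None):
    # Assumption: the daily index is named after the UTC date.
    index = daily_index(day or datetime.now(timezone.utc).date())
    return index, diagnose(*fetch("%s/%s/_count" % (base, index)))


if __name__ == "__main__":
    try:
        print("%s: %s" % check())
    except OSError as err:  # connection refused, timeout, name resolution
        sys.exit("Elasticsearch not reachable: %s" % err)
```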

