There is no data in kibana

Elastic Stack Kibana
1

I have lots of cisco switches and i've configured the devices to send syslogs to my logstash,the output plugin is elasticsearch.But it didn't take effect on some of the devices ,i have checked the status of the elasticsearch and logstash but i can not find any error.I do not know why.The configuration is as below.

version" : {
"number" : "5.6.3",
"build_hash" : "1a2f265",
"build_date" : "2017-10-06T20:33:39.012Z",
"build_snapshot" : false,
"lucene_version" : "6.6.1"
},

the status of the index is
green open network-log-2017.11.28 0yA8wO7oTKSa5vkqXdk19Q 5 1 4245 0 5.1mb 2.5mb

when i generated some logs i can see the number of the documents keep increasing, but i can not find that in kibana

2

Probably a misconfiguration of the index pattern in Kibana?

I moved your question to #kibana.

3

i do not think so , i've tried to make a troubleshooting,and i found that when i change the input to udp , it does work! i thought it's the problem of the tcp input plugin.But i have no idea how to solve it

4

Hi are you still there ?
I had tried to using tcpdump , and i found that the syslog was indeed sent to the logstash . In the meantime , i configured the output as a file,if there is any pattern error , i can see that in the log,but now i can not find any error in the log,that's why i am sure it's not the problem of the pattern

5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.