Thank you for the guidelines.
I updated the Logstash config file with a new filter, and also updated filebeat.yml with the same name.
But I am still facing the same issues.
filter {
  if [type] == "DataLogs" {
    grok {
      # The optional "[pid]" part needs escaped brackets; unescaped, [ ... ] is read as a regex character class.
      match => { "message" => "%{SYSLOGTIMESTAMP:DataLogs_timestamp} %{SYSLOGHOST:DataLogs_hostname} %{DATA:DataLogs_program}(?:\[%{POSINT:DataLogs_pid}\])?: %{GREEDYDATA:DataLogs_message}" }
      add_field => [ "received_at", "%{@timestamp}" ]
      add_field => [ "received_from", "%{host}" ]
    }
    syslog_pri { }
    # Parse the syslog timestamp extracted by grok into @timestamp.
    date {
      match => [ "DataLogs_timestamp", "MMM d HH:mm:ss", "MMM dd HH:mm:ss" ]
    }
  }
}
Can you please tell me how to configure Logstash without applying a filter?
Or is there any default configuration for Logstash?