I am running iptables on my server. I enable the module, configure the .yml file for the file /var/log/kern.log. I do a filebeat -E setup.kibana.host= setup --dashboards. I restart kibana on the server, and go to view the iptables dashboard, but no data loads. I can confirm that kern.log entries are coming through though from the host. What am I missing?
Hi @droidus,
Running filebeat setup --dashboards will just setup the dashboards in Kibana. It will not start Filebeat for the purposes of ingesting logs. For that you should run filebeat.
More details on https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-installation-configuration.html (specifically steps 4 and 5 but you might want to read the entire document).
Hope that helps,
Shaunak
Shaunak,
I already have filebeat running.
- bump *
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.