Hello,
I am using Elasticsearch, kibana, logstash, and winlogbeat, all version 7.10.1
I configured winlogbeat and run: .\winlogbeat.exe setup -e and I had no error in my winlogbeat logs, but in kibana there are some dashboards working and some of them I am getting errors:
Could not locate that index-pattern-field (id: powershell.connected_user.name)
Could not locate that index-pattern-field (id: powershell.command.name)
The issue here is that the fields are not found in the index pattern. Also refreshing the index pattern didn't solve the issue.
Also when trying to test some PowerShell commands on the beats clients I can see that they are not listed / counted in Kibana!
- I can see the logs in elasticsearch and most of the visualizations are ok, only the ones I've mentioned.
Also I can see that other people having same issue here with no solution so far:
Any help is really appreciated.
Regards,