[Winlogbeat 7.10.1 dashboards]: could not locate some index pattern fields

ethical20 · January 23, 2021, 9:27am

Hello,

I am using Elasticsearch, kibana, logstash, and winlogbeat, all version 7.10.1

I configured winlogbeat and run: .\winlogbeat.exe setup -e and I had no error in my winlogbeat logs, but in kibana there are some dashboards working and some of them I am getting errors:

Could not locate that index-pattern-field (id: powershell.connected_user.name)
Could not locate that index-pattern-field (id: powershell.command.name)

The issue here is that the fields are not found in the index pattern. Also refreshing the index pattern didn't solve the issue.

Also when trying to test some PowerShell commands on the beats clients I can see that they are not listed / counted in Kibana!

I can see the logs in elasticsearch and most of the visualizations are ok, only the ones I've mentioned.

5b54df2c7038e6dfa4d36b53710fe6379ca153cc_2_690x129

Also I can see that other people having same issue here with no solution so far:

Any help is really appreciated.

Regards,

system · February 20, 2021, 11:27am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
[Winlogbeat 7.10.1 dashboards]: could not locate some index pattern fields Beats winlogbeat	6	449	February 16, 2021
[Winlogbeat 7.10.1 dashboards]: could not locate some index pattern fields Kibana windows	6	672	February 19, 2021
Could not locate that index-pattern (id: winlogbeat-*), [click here to re-create it](#/management/kibana/index) Beats winlogbeat	1	450	May 8, 2019
Error fetching fields for index pattern winlogbeat-* (ID: winlogbeat-*) Elasticsearch	4	466	October 5, 2020
Winlogbeat missing mapping fields Beats filebeat , packetbeat , metricbeat , winlogbeat	19	1778	November 20, 2020

[Winlogbeat 7.10.1 dashboards]: could not locate some index pattern fields

Related topics