Winlogbeat Index created but nothing in Discover

uklipse · September 8, 2018, 9:14pm

Hi, I had Elasticsearch installed on a Windows server but moved it to Ubuntu. I am now sending Windows logs to Elasticsearch on Ubuntu. Under Management > Index Management I see the winlogbeat index created and it grows but I don't see anything under Discover or Visualize. I don't have the winlogbeat index listed but do have auditbeat and metricbeat.

When ES was on the Windows machine and I sent the logs to itself, I did see the logs under the Discover tab.

Any ideas why the index isn't showing?

Thanks

uklipse · September 8, 2018, 9:22pm

Nevermind, I didn't create the initial index pattern. After that, I can see the logs now.

system · October 6, 2018, 9:22pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Winlogbeat index pattern not showing up on kibana Logstash	2	1212	July 20, 2020
Could not locate that index-pattern (id: winlogbeat-*), [click here to re-create it](#/management/kibana/index) Beats winlogbeat	1	450	May 8, 2019
No data log in Discover section Elasticsearch	2	181	November 15, 2022
Linux Logs from Elasticsearch are not showing in Discover tab Elasticsearch	2	555	December 16, 2019
Logs don't show up on kibana Elasticsearch	9	294	November 26, 2023

Winlogbeat Index created but nothing in Discover

Related topics