Hi Maxim, what was the problem with logstash? How is your configuration?

A typical configuration is Manager + Logstash forwarder and another machine with ELK. So you should debug if each part is receiving the logs. Quick debug guide:

Logstash forwarder:
- /opt/logstash-forwarder/bin/logstash-forwarder -config "/etc/logstash-forwarder.conf" -quiet=false
- Look for: "connected to..."

Logstash:
- /etc/logstash/conf.d/file.conf
- Comment everything except rubydebug.
- Stop logstash
- Run logstash with: /opt/logstash/bin/logstash -f "/etc/logstash/conf.d/file.conf"
- You should see the logs that you are receiving.

Elastic:
- curl -XGET localhost:9200/_cat/indices
- You should see your indices

I hope it helps.

On Thursday, May 19, 2016 at 9:17:51 AM UTC+2, Maxim Surdu wrote:
> Hi dear community,
>
> I had a problem with logstash; after I resolved it I saw that logs are missing in Kibana. How can I resolve the problem and reindex all my logs to Kibana?
> I will be thankful if someone will help me step by step.
>
> I appreciate your help, and a lot of respect for developers and community!
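For the Elastic step of the debug guide above, an added example (not part of the original thread) that reads `_cat/indices` output and lists the days that have no daily index, which shows the gap left by a Logstash outage. Assumptions: indices are named `<prefix>-YYYY.MM.DD` with the hypothetical prefix `ossec`, GNU `date` is available, the function names are made up for this example, and the sample listing is constructed.

```shell
#!/bin/sh
# Added example: list days with no daily index in `_cat/indices` output.
# Assumption: daily indices are named <prefix>-YYYY.MM.DD ("ossec" is hypothetical).
# Requires GNU date for the "+1 day" arithmetic.

# Reads `_cat/indices` text on stdin; prints every missing day between the
# oldest and the newest daily index, one YYYY.MM.DD per line.
# The ( ) body runs in a subshell, so its variables stay local.
missing_index_days() (
  prefix="${1:-ossec}"
  # Scan every field: the position of the index-name column varies by version.
  days=$(awk -v p="$prefix-" '{
    for (i = 1; i <= NF; i++)
      if (index($i, p) == 1) {
        d = substr($i, length(p) + 1)
        if (d ~ /^[0-9][0-9][0-9][0-9]\.[0-9][0-9]\.[0-9][0-9]$/) print d
      }
  }' | sort -u)
  [ -n "$days" ] || exit 0          # no daily indices at all: nothing to report
  d=$(printf '%s\n' "$days" | head -n 1 | tr . -)
  end=$(printf '%s\n' "$days" | tail -n 1 | tr . -)
  while [ "$d" != "$end" ]; do
    d=$(date -u -d "$d +1 day" +%Y-%m-%d) || exit 1
    day=$(printf '%s' "$d" | tr - .)
    # Print the day only if no index exists for it.
    printf '%s\n' "$days" | grep -qxF "$day" || printf '%s\n' "$day"
  done
)

# Constructed sample of `curl -XGET localhost:9200/_cat/indices` output.
sample_cat_indices() {
  cat <<'EOF'
yellow open ossec-2016.05.16 5 1 1204 0 1.1mb 1.1mb
yellow open ossec-2016.05.17 5 1  988 0 900kb 900kb
yellow open .kibana          1 1    4 0  20kb  20kb
yellow open ossec-2016.05.20 5 1 1310 0 1.2mb 1.2mb
EOF
}

# Against a live node: curl -s -XGET localhost:9200/_cat/indices | missing_index_days ossec
sample_cat_indices | missing_index_days ossec
```

A day that has an index but only part of its events will not show up here; compare the document counts in the same listing for that.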
