Kibana is a browser-based analytics and search interface for Elasticsearch to view Logstash data. There are separate tags for Elasticsearch and Logstash.
See the Kibana browser example views, and the elasticsearch and logstash tags.
Questions tagged [kibana]
12 questions
2
votes
1 answer
How to forward rsyslog logs from multiple locations to ELK and make it show in kibana?
rsyslog server template consideration for multiple remote hosts
---> link to previously answered question
@ meuh, I find this post very useful as am currently working on this configuration.
I have done the steps which are mentioned above and it's…
viggy9816
- 23
- 1
- 5
2
votes
1 answer
Tile/Greographic Map in Kibana not working
I am trying to create a geographical map of my data in Kibana 5.01, and it does not work. The fact is that I do not even have the geoip.field that is required in the menu.
I am sending data from IntelMQ, that is processed by logstash to get into…
Rui F Ribeiro
- 55,929
- 26
- 146
- 227
0
votes
1 answer
keytool error: java.io.IOException: Invalid keystore format
I have a 3-node ELK stack (Elasticsearch v7.17). After a reboot, the Kibana web interface reports an error "Kibana server is not ready yet".
The SSL certs were expired, so I re-created them (for the ELK CA, all 3 nodes, Kibana, and Logstash).…
dr_
- 28,763
- 21
- 89
- 133
0
votes
1 answer
Auditbeat exclude /usr/sbin/cron
I'll tried to exclude event from cron jobs running that can be found with the KQL request : auditd.summary.how :"/usr/sbin/cron"
My host does not running SE Linux, so the rules i found (put bellow) does not work :
-a never,user -F…
Inazo
- 101
- 1
0
votes
1 answer
Kibana service won't start
I am using Manjaro and installed elasticsearch and kibana with
yay -S elasticsearch kibana
Starting the elasticsearch service works well
sudo systemctl start elasticsearch
I've configured kibana with the basic settings in…
betaros
- 103
- 1
- 4
0
votes
0 answers
Kibana showing error
I've installed kibana on linux. i've assign 5601 port as external host(log.gurukul.ninja). but when i run ./bin/kibana command in linux putty terminal i got this error.
log [03:03:35.042] [warning][plugins-discovery] Expect plugin "id" in…
Bhavin Varsur
- 101
- 4
0
votes
0 answers
hearthbeat can't run
I have ELK server, and sending Heartbeats to server. I added an monitor in monitors.d directory, added setup.dashboards.enabled: true line in heartbeat.yml file, but after restarting heartbeat service, service working 2-3 secand and then sending me…
khachikyan97
- 95
- 1
- 1
- 4
0
votes
2 answers
How to configure Simple Event Correlator (SEC) to send info about mail delivery failure
My log file contains the following 3 log entries:
2017-11-16 15:50:45 1eFLV7-0003so-Cd <= <> R=1eFLV7-0003sZ-4v U=Debian-exim P=local S=1853 T="Mail delivery failed: returning message to sender" from <>
2017-11-16 15:50:45 1eFLV7-0003so-Cd =>…
debek
- 237
- 1
- 3
- 13
0
votes
1 answer
Send specific log with specific pharse to my mail
I want to send specific log which has specific phrase to my mail.
For example:
ERROR LOG SOMETHING.COM IP XX.XXX.XXX.XXX PORT:2343 Bad XXXXXXX
And if upper log has phase SOMETHING.COM, send me this log to email.
Is it possible in logwatch or…
debek
- 237
- 1
- 3
- 13
0
votes
1 answer
Kibana- Want to split vertical bars based on my log fields
I have an application log file consists of following log levels: INFO, WARN, ERROR, DEBUG. Following filter criteria works fine in logstash config file:
filter {
grok {
match => { "message" => "%{TIMESTAMP_ISO8601:timestamp}…
Murat
- 335
- 4
- 15
0
votes
1 answer
How to enable kibana at startup
I just downloaded kibana-4.3 tar file , extract it and it works fine. But i want to enable the service at system startup and i got the error by using chkconfig command:
service kibana does not support chkconfig
Any workaround?
Ijaz Ahmad
- 7,146
- 5
- 32
- 45
-1
votes
2 answers
How do i completely uninstall ELK (Elasticsearch, Logstash, Kibana)?
I search on internet that we have to unistall each of the ELK part one by one like unistall stand-alone kibana, elastic search, and logstash. Is there any command which no need to unistall all of them one by one but using only one single command ?…
gagantous
- 225
- 2
- 3
- 10