robcowart / elastiflow

Network flow analytics (Netflow, sFlow and IPFIX) with the Elastic Stack

I can't see data (elastiflow) in kibana #709

Closed Brynta79 closed 3 years ago

Brynta79 commented 3 years ago

I have the same problem, I can't see the results in Kibana. In fact, the logs obtained using `tail -f /var/log/logstash/logstash-plain.log` are these:

```
[2021-04-27T19:39:46,634][INFO ][logstash.inputs.tcp ][elastiflow][76e2af1cd31f2f3ee4f3c64dde2532f0cdbd37ee8280afa7ed6cbabcbcd6c921] Starting tcp input listener {:address=>"0.0.0.0:4739", :ssl_enable=>false}
[2021-04-27T19:39:46,837][INFO ][logstash.inputs.udp ][elastiflow][7bf60e411dc706c29077052f66393592666f7954bdbc44361f287c5ed6a40a1d] Starting UDP listener {:address=>"0.0.0.0:6343"}
[2021-04-27T19:39:46,849][INFO ][logstash.agent ] Pipelines running {:count=>2, :running_pipelines=>[:main, :elastiflow], :non_running_pipelines=>[]}
[2021-04-27T19:39:46,935][WARN ][logstash.inputs.udp ][elastiflow][7bf60e411dc706c29077052f66393592666f7954bdbc44361f287c5ed6a40a1d] Unable to set receive_buffer_bytes to desired size. Requested 33554432 but obtained 212992 bytes.
[2021-04-27T19:39:46,935][WARN ][logstash.inputs.udp ][elastiflow][2e5ea572a647cdeae57f8e0917e831eb80e8a17546f1d00af830a9ca09d2cf5c] Unable to set receive_buffer_bytes to desired size. Requested 33554432 but obtained 212992 bytes.
[2021-04-27T19:39:46,940][WARN ][logstash.inputs.udp ][elastiflow][f04a940acfa36909e1f698864cfd80ef34929272fa65e5a453251c835eaf7e08] Unable to set receive_buffer_bytes to desired size. Requested 33554432 but obtained 212992 bytes.
[2021-04-27T19:39:46,942][INFO ][logstash.inputs.udp ][elastiflow][2e5ea572a647cdeae57f8e0917e831eb80e8a17546f1d00af830a9ca09d2cf5c] UDP listener started {:address=>"0.0.0.0:2055", :receive_buffer_bytes=>"212992", :queue_size=>"4096"}
[2021-04-27T19:39:46,942][INFO ][logstash.inputs.udp ][elastiflow][7bf60e411dc706c29077052f66393592666f7954bdbc44361f287c5ed6a40a1d] UDP listener started {:address=>"0.0.0.0:6343", :receive_buffer_bytes=>"212992", :queue_size=>"4096"}
[2021-04-27T19:39:46,943][INFO ][logstash.inputs.udp ][elastiflow][f04a940acfa36909e1f698864cfd80ef34929272fa65e5a453251c835eaf7e08] UDP listener started {:address=>"0.0.0.0:4739", :receive_buffer_bytes=>"212992", :queue_size=>"4096"}
[2021-04-27T19:39:47,158][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
```

This is what I see in Kibana: [image]

I don't know what to do to solve this problem. I am using ELK 7.8.1 and Elastiflow v4.0.0.

robcowart commented 3 years ago

This issue is being closed as this legacy version of ElastiFlow is now deprecated and is to be archived. Please try the new ElastiFlow, request a free Basic Tier license, and join the ElastiFlow Community Slack. Thank you.