By: rspysiu

Kibana - No results found

September 15, 2016
Applications

Hi,
I just installed Kibana on my Linux Ubuntu 16 server.
I have checked that all is OK, but I cannot reach logs from network devices.

@ubuntu:~$ sudo service elasticsearch status
[sudo] password for guru:
● elasticsearch.service - Elasticsearch
   Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2016-09-16 13:12:13 PDT; 23h left
     Docs: http://www.elastic.co
  Process: 5611 ExecStartPre=/usr/share/elasticsearch/bin/elasticsearch-systemd-pre-exec (code=exited, status=0/SUCCESS)
 Main PID: 5613 (java)
   CGroup: /system.slice/elasticsearch.service
           └─5613 /usr/bin/java -Xms256m -Xmx1g -Djava.awt.headless=true -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -X

Sep 16 13:12:16 ubuntu elasticsearch[5613]: [2016-09-16 13:12:16,813][INFO ][env                      ] [the Living Darkness Null] heap size [1007.3mb], c
Sep 16 13:12:18 ubuntu elasticsearch[5613]: [2016-09-16 13:12:18,602][INFO ][node                     ] [the Living Darkness Null] initialized
Sep 16 13:12:18 ubuntu elasticsearch[5613]: [2016-09-16 13:12:18,602][INFO ][node                     ] [the Living Darkness Null] starting ...
Sep 16 13:12:18 ubuntu elasticsearch[5613]: [2016-09-16 13:12:18,672][INFO ][transport                ] [the Living Darkness Null] publish_address {10.255
Sep 16 13:12:18 ubuntu elasticsearch[5613]: [2016-09-16 13:12:18,676][INFO ][discovery                ] [the Living Darkness Null] elasticsearch/KZnLFMhZR
Sep 16 13:12:21 ubuntu elasticsearch[5613]: [2016-09-16 13:12:21,738][INFO ][cluster.service          ] [the Living Darkness Null] new_master {the Living
Sep 16 13:12:21 ubuntu elasticsearch[5613]: [2016-09-16 13:12:21,789][INFO ][http                     ] [the Living Darkness Null] publish_address {10.255
Sep 16 13:12:21 ubuntu elasticsearch[5613]: [2016-09-16 13:12:21,853][INFO ][node                     ] [the Living Darkness Null] started
Sep 16 13:12:21 ubuntu elasticsearch[5613]: [2016-09-16 13:12:21,857][INFO ][gateway                  ] [the Living Darkness Null] recovered [1] indices i
Sep 16 13:12:22 ubuntu elasticsearch[5613]: [2016-09-16 13:12:22,118][INFO ][cluster.routing.allocation] [the Living Darkness Null] Cluster health status
lines 1-19/19 (END)
@ubuntu:~$ sudo service logstash status
● logstash.service - LSB: Starts Logstash as a daemon.
   Loaded: loaded (/etc/init.d/logstash; bad; vendor preset: enabled)
   Active: active (running) since Fri 2016-09-16 13:12:01 PDT; 23h left
     Docs: man:systemd-sysv-generator(8)
  Process: 5270 ExecStart=/etc/init.d/logstash start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/logstash.service
           └─5297 /usr/bin/java -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -Djava.awt.headless=true -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiat

Sep 16 13:11:59 ubuntu systemd[1]: Starting LSB: Starts Logstash as a daemon....
Sep 16 13:11:59 ubuntu logstash[5270]: logstash started.
Sep 16 13:12:01 ubuntu systemd[1]: Started LSB: Starts Logstash as a daemon..

I did the installation following these instructions:

https://www.digitalocean.com/community/tutorials/how-to-install-elasticsearch-logstash-and-kibana-elk-stack-on-ubuntu-16-04

Do you know what is wrong?

PS: I have two interfaces on my Linux server, but the network device can ping the server.
I am using address 10.255.250.31 as the frontend.

ens33     Link encap:Ethernet  HWaddr 00:0c:29:95:b4:ee
          inet addr:192.168.200.102  Bcast:192.168.203.255  Mask:255.255.252.0
          inet6 addr: fe80::20c:29ff:fe95:b4ee/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:402 errors:0 dropped:0 overruns:0 frame:0
          TX packets:78 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:29836 (29.8 KB)  TX bytes:9326 (9.3 KB)

ens34     Link encap:Ethernet  HWaddr 00:0c:29:95:b4:f8
          inet addr:10.255.250.31  Bcast:10.255.251.255  Mask:255.255.254.0
          inet6 addr: fe80::20c:29ff:fe95:b4f8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1925 errors:0 dropped:0 overruns:0 frame:0
          TX packets:995 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:425520 (425.5 KB)  TX bytes:203613 (203.6 KB)

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.200.1   0.0.0.0         UG    0      0        0 ens33
10.255.250.0    *               255.255.254.0   U     0      0        0 ens34
link-local      *               255.255.0.0     U     1000   0        0 ens34
192.168.200.0   *               255.255.252.0   U     0      0        0 ens33

1 comment
  • Which log files are you attempting to bring in, and what steps have you taken so far to configure this? You've provided some useful information here, but a bit more detail on the goal and steps taken so far would help troubleshoot this issue.
