Hi List
I'm trying to monitor apache logs logs with ELK Stack, I configured logstash.conf:
input {
file {
path => "/var/log/apache2/access.log"
start_position => beginning
}
}
filter {
grok {
match => { "message" => "%{COMBINEDAPACHELOG}" }
}
date {
match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
}
}
output {
elasticsearch { host => localhost }
}
On Kibana I added index patterns and he recognized the fields, but when I go to "Discover", appears this text:
"This field is present in your elasticsearch mapping but not in any documents in the search results. You may still be able to visualize or search on it."
Attached picture
How to resolve this?
Thanks.
Locked
