Index patterns for saved objects

Question

Index patterns for saved objects

Closed this issue 6 years ago · 5 comments

I followed the guide and it does not seem to have the index patterns for the saved objects. Did I miss them or something? I created some, but they don't seem to link to the saved objects.

Answer 1 · 2019-03-11T15:16:15.000Z

I also have this problem when I tried to import visualization from "Visualizations-Export.json"
getting error

Answer 2 · 2019-03-11T16:02:43.000Z

@wikedeye & @CoyoteKG : The provided JSON templates establish the formatting structure, you must create the Indexes based upon the templates with the time filter of @timestamp. You can follow this guide here to create the index patterns:
https://www.elastic.co/guide/en/kibana/current/tutorial-define-index.html

In the end you will end up with a configuration like this:

Answer 3 · 2019-03-12T07:37:06.000Z

@shadow-box thanks for quick response.
I already created indexes for traffic

More details about setup,
Paloalto is version 8.1
ELK 6.6.1

Answer 4 · 2019-03-12T15:28:53.000Z

@CoyoteKG Have you followed the prompts to associate the Visualization with the traffic index you have created? You choose the index pattern in the column labeled 'New index pattern'.

Answer 5 · 2019-03-12T16:25:30.000Z

My issue ended up being that I commented out the main pipeline that fed the data to logstash. I was installing another project and followed the direction without realizing what it would do.