I am testing uberAgent. I have got it working with Splunk. Now, I am testing it with Elasticsearch.
Both Elasticsearch and Kibana are running.
I have updated the uberAgent.conf to send data to Elasticsearch:
[Receiver]
Name = Default
Type = Splunk
Protocol = TCP
Servers = localhost:19500
RESTToken =
[Receiver]
Name = Elasticsearch
Type = Elasticsearch
Protocol = HTTP
Servers = localhost:9200
I can see the uberagent* template in Elasticsearch index management via Kibana.
However, I don't see an uberagent index.
Shouldn't there be an uberagent index created? Does that mean there is no data being sent from the agent to Elasticsearch?
I appreciate your assistance on this issue.