I'm trying to configure Elasticsearch as a data source, where I have all the syslogs shipped.
When I add Elastic as a data source I get no errors, but when I navigate to the Explore tab and try a query, I get no results.
I've enabled all the logs, but I'm unable to find anything that would point me in the right direction.
ElasticSearch: 7.5.1
Under Logs for the data source, I have the following configs:
Message field name: _source
level field name: message
I get no errors when I save and test. What will be the best way to troubleshoot, get more logs?
I simply run a query “host: *” or *