Not a bug as much as an idea, would it be possible to add the minion ID in the Kibana log feed events? Now the minions are recognizable by their IP addresses, but it may add clarity.

//Ubuntu 16.04

After running server installation, networking service is failed

      ID: networking
Function: service.running
  Result: False
 Comment: The named service networking is not available
 Started: 10:42:29.597023
Duration: 10.751 ms
 Changes: 

This becomes also after
$ sudo salt '*' state.highstate --state-output terse

Kaytin Ubuntu 18.04.1 LTS.
Koneeseen on asennettu pelkaan salt-master. eli ./serversetup.sh
Tuli vastaan virhe, etta en pystynyt luoda uuden index patternin.

T: Konstantin Gurin

Tried to install the both the server and client on the same machine.

• Salt-master drops the other minion due to not being able to run two minions under the same ip.

Solution proposition:

• Instruct users not to run scripts on same machine.

• Issue also solved by simply being smarter

Not sure if I should be worried. But after running

• ./serversetup.sh

After the installation finishes I receive the error message:

• Name: networking - Function: service.running - Result: Failed Started: - 10:52:59.139304 Duration: 32.92 ms

Everything works fine otherwise so I think this isn't a serious issue. But I'd find it helpful if there was something telling the user that the failure isn't critical.

Also all the previous steps were completed. So the issue isn't about missing files.

The log-analysis/salt readme file in my opinion could use an overview on what the salt states/scripts do before any lines of code. That way it is easier to see if this project is of any use to potential clients.

The info for this part should have a path to where the creation of the new index is found, for example like commented in the right spot:

The logging frontend is Kibana, which is automatically set up and started on the master.
The interface can be accessed either locally on the server (http://localhost) or from any salt minion (http://logserver.local). Kibana requires minimal setup after the initial scripts:

    **Add: Go to Discover-page found on the left side-bar.**
    Create new index (the easiest index pattern for this is " * "), choose @timestamp as the time filter
    Go to the Discover tab to see log entries

Apache logs are not in master

• access.log,
• error.log

Apache is installed in minion, and locally there are log events at minion.

I didn't see any Firewall setup for Master server.

Centralized logs might require good security.

If Master is a droplet in DigitalOcean, how can I use Kibana from there?

Error when installing master on DigitalOcean. Droplet is new and made only for this test.
Report:

root@ubuntu-s-1vcpu-1gb-ams3-01:~# ./serversetup.sh
Updating packages...
Installing git and salt...
Cloning repository...
Cloning into 'log-analysis'...
remote: Enumerating objects: 122, done.
remote: Counting objects: 100% (122/122), done.
remote: Compressing objects: 100% (121/121), done.
remote: Total 2793 (delta 72), reused 0 (delta 0), pack-reused 2671
Receiving objects: 100% (2793/2793), 16.53 MiB | 7.24 MiB/s, done.
Resolving deltas: 100% (1666/1666), done.
Running automated setup... (This will take a while)

file_ignore_glob: []

local:
Data failed to compile:

Rendering SLS 'base:nginx' failed: Jinja variable str object has no element 0

Server setup is now complete!

You can access the Kibana logging frontend at http://localhost
Collected client logs will be found in /var/log/client_logs
Direct your clients to this servers IP address:
142.93.234.33 10.18.0.5

Run 'sudo salt srv01 state.apply fixperms' when new
host directories or log files are created
./serversetup.sh: line 33: firefox: command not found

Serversetup.sh does not work properly if there is no /srv/ directory. Example:

xubuntu@xubuntu:~$ ./serversetup.sh 
Updating packages...
Installing git and salt...
Cloning repository...
Cloning into 'log-analysis'...
remote: Enumerating objects: 65, done.
remote: Counting objects: 100% (65/65), done.
remote: Compressing objects: 100% (65/65), done.
remote: Total 2736 (delta 38), reused 0 (delta 0), pack-reused 2671
Receiving objects: 100% (2736/2736), 16.52 MiB | 17.48 MiB/s, done.
Resolving deltas: 100% (1632/1632), done.
Running automated setup... (This will take a while)
mkdir: cannot create directory ‘/srv/salt’: No such file or directory
mkdir: cannot create directory ‘/srv/pillar’: No such file or directory
cp: target '/srv/salt' is not a directory
cp: target '/srv/pillar' is not a directory

file_ignore_glob: []

local:
  Name: states - Function: no.None - Result: Failed

Summary for local
------------
Succeeded: 0
Failed:    1
------------
Total states run:     1
Total run time:   0.000 ms
Server setup is now complete!

Access the Kibana logging frontend at http://localhost
Client logs will be found in /var/log/client_logs
Direct your clients to this servers IP address:
172.28.171.14 2001:708:b1:1ab::1:158 

Run 'sudo salt srv01 state.apply fixperms' when new
host directories or log files are created

Quick solution -> add these three lines at the start of serversetup.sh

if [ ! -d "/srv/" ]; then
sudo mkdir /srv/
fi