linux

Elasticsearch+Logstash+Kibana: how to set up Dashboard?

Hello!
Just installed ELK. Installed Filebeat on the server itself and on one more machine.
I loaded the index template like this - according to the instructions If the host running Filebeat does not have direct connectivity to Elasticsearch, see Load the template manually (alternate method) - my case because Filebeat sends data to Logstash, which already sends it to Elasticsearch:

filebeat export template > filebeat.template.json
curl -XPUT -H 'Content-Type: application/json' localhost:9200/_template/filebeat-6.4.2 [email protected]

Filled the dashboards themselves like this:

filebeat setup -e \
-E output.logstash.enabled=false \
-E output.elasticsearch.hosts=['localhost:9200'] \
-E setup.kibana.host=elk.mydomain.ru:5601

On the server, I enabled the filebeats system module, on the other machine - system and mysql.
Ran filebeats on both machines.
In Discovery, incoming data is visible, but the trouble is, in Dashbord, something like

Could not locate that index-pattern-field (id: system.syslog.hostname)

How to win, comrades? Reading the documentation hasn't helped yet.
Configs:
Filebeat

filebeat.inputs:
- type: log
enabled: true
paths:
- /var/log/*.log
filebeat.config.modules:
path: ${path.config}/modules.d/*.yml
reload.enabled: false
setup .template.settings:
index.number_of_shards: 3
setup.kibana:
host: "elk.mydomain.ru:5601"
output.logstash:
# The Logstash hosts
hosts: ["elk.mydomain.ru:5044"]

logstash

input {
beats {
port => 5044
}
}
output {
elasticsearch {
hosts => ["localhost:9200"]
sniffing => true
manage_template => false
index => "%{[@metadata][beat]}-%{+ YYYY.MM.dd}"
document_type => "doc"
}
}