I created a elastic cloud trial instance yesterday, but my Windows client is unhealthy.
elastic-agent status output shows:
Status: FAILED
Message: (no message)
Applications:
* osquerybeat (HEALTHY)
Running
* packetbeat (HEALTHY)
Running
* endpoint-security (HEALTHY)
Protecting with policy {4e3326b6-237c-4ba7-9f65-b30f646605f3}
* filebeat (FAILED)
1 error occurred:
* 1 error: Error creating runner from config: missing required field accessing 'hosts'
* filebeat_monitoring (HEALTHY)
Running
* metricbeat_monitoring (HEALTHY)
Running
* metricbeat (HEALTHY)
Running
and diagnostics shows:
elastic-agent id: 762aad65-f9a4-42ff-b408-2c0b83e76245 version: 8.2.3
build_commit: f44953023f48ff11f9e5eb6d7194d741955e1083 build_time: 2022-06-09 01:04:56 +0000 UTC snapshot_build: false
Applications:
* name: filebeat_monitoring route_key: default
process: filebeat id: 011233b5-696c-4403-af38-dc3db4db1224 ephemeral_id: 0ddfabf4-d7c2-4735-93a5-63e7e07c8113 elastic_license: true
version: 8.2.3 commit: 7826dc5e91c6e6d2487e05d3a8298f49041cd5c2 build_time: 2022-06-08 15:51:33 +0000 UTC binary_arch: amd64
hostname: BERLINER55 username: NT AUTHORITY\SYSTEM user_id: S-1-5-18 user_gid: S-1-5-18
* name: metricbeat_monitoring route_key: default
process: metricbeat id: c8bdeb8c-399e-49f4-8362-f2955d14d246 ephemeral_id: a5a64bab-846e-4a49-89e9-6fec45e5cfbb elastic_license: true
version: 8.2.3 commit: 7826dc5e91c6e6d2487e05d3a8298f49041cd5c2 build_time: 2022-06-08 15:49:40 +0000 UTC binary_arch: amd64
hostname: BERLINER55 username: NT AUTHORITY\SYSTEM user_id: S-1-5-18 user_gid: S-1-5-18
* name: metricbeat route_key: default
process: metricbeat id: c8bdeb8c-399e-49f4-8362-f2955d14d246 ephemeral_id: a5a64bab-846e-4a49-89e9-6fec45e5cfbb elastic_license: true
version: 8.2.3 commit: 7826dc5e91c6e6d2487e05d3a8298f49041cd5c2 build_time: 2022-06-08 15:49:40 +0000 UTC binary_arch: amd64
hostname: BERLINER55 username: NT AUTHORITY\SYSTEM user_id: S-1-5-18 user_gid: S-1-5-18
* name: osquerybeat route_key: default
process: osquerybeat id: 63d4b038-dd23-4b38-a600-4b6cc8207829 ephemeral_id: 32d8d73c-ca99-4ba6-8082-bd3c887cab28 elastic_license: true
version: 8.2.3 commit: 7826dc5e91c6e6d2487e05d3a8298f49041cd5c2 build_time: 2022-06-08 15:43:52 +0000 UTC binary_arch: amd64
hostname: BERLINER55 username: NT AUTHORITY\SYSTEM user_id: S-1-5-18 user_gid: S-1-5-18
* name: packetbeat route_key: default
process: packetbeat id: c9672290-db27-4d94-acfa-14b01072b4d8 ephemeral_id: e6cef367-62ec-4fb5-84a4-36b4ad24b8bf elastic_license: true
version: 8.2.3 commit: 7826dc5e91c6e6d2487e05d3a8298f49041cd5c2 build_time: 2022-06-08 15:57:21 +0000 UTC binary_arch: amd64
hostname: BERLINER55 username: NT AUTHORITY\SYSTEM user_id: S-1-5-18 user_gid: S-1-5-18
* name: endpoint-security route_key: default
error: Get "http://npipe/": open \\.\pipe\default-endpoint-security: The system cannot find the file specified.
* name: filebeat route_key: default
process: filebeat id: 011233b5-696c-4403-af38-dc3db4db1224 ephemeral_id: 0ddfabf4-d7c2-4735-93a5-63e7e07c8113 elastic_license: true
version: 8.2.3 commit: 7826dc5e91c6e6d2487e05d3a8298f49041cd5c2 build_time: 2022-06-08 15:51:33 +0000 UTC binary_arch: amd64
hostname: BERLINER55 username: NT AUTHORITY\SYSTEM user_id: S-1-5-18 user_gid: S-1-5-18
diagnostics actually looks good, but I wonder about the endpoint-security error message.
Anyone knows what's going on?