I'm trying to start ES bound to the proper IP in effort to follow the Getting Started Guide for Filebeats. I'm attempting to send syslog information from another server to this ES/Kiabana server. When I start the ES service, I get this error in the logs. I can't seem to find anything specific I need to change.
[2018-05-02T08:36:46,048][ERROR][o.e.b.Bootstrap ] [wPTvoIB] node validation exception
[1] bootstrap checks failed
[1]: system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk
You may want to look over all of the bootstrap checks just to see what Elasticsearch requires at startup, but the specific one you're hitting here is the system call filter check. This is Elasticsearch attempting to work under extra security (seccomp) and being unable to, possibly because you don't have seccomp compiled in your kernel. The docs for the system call filter bootstrap check state how to disable this (bootstrap.system_call_filter: false), but I'd recommend instead looking to make sure seccomp is enabled so you're not sidestepping recommended security features.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.