Cannot get winlogbeats to send to logstash

L33T · March 7, 2017, 11:44am

Hi,

Trying to get a new installation up and running but getting the following in my winlogbeats log:

2017-03-07T11:25:46Z ERR Connecting error publishing events (retrying): Get http://192.168.50.181:9200: dial tcp 192.168.50.181:9200: connectex: No connection could be made because the target machine actively refused it.

my configs are:

WinLogBeat:

#----------------------------- Logstash output --------------------------------
#output.logstash:
  # The Logstash hosts
  hosts: ["192.168.50.181:5044"]

  # Optional SSL. By default is off.
  # List of root certificates for HTTPS server verifications
  #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]

  # Certificate for SSL client authentication
  #ssl.certificate: "/etc/pki/cl
  ient/cert.pem"

  # Client Certificate Key
  #ssl.key: "/etc/pki/client/cert.key"

Logstash Config:

input {
  beats {
	port => 5044
  }
}

output {
  elasticsearch {
    hosts => "localhost:9200"
    manage_template => false
    index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}"
    document_type => "%{[@metadata][type]}"
  }
}

Regards,

andrewkroh · March 11, 2017, 12:01am

Based on the log message you provided you still have Winlogbeat configured to output to elasticsearch.

Make sure you comment out or completely remove the output.elasticsearch options. And then you need to uncomment the output.logstash line.

system · April 8, 2017, 12:01am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Can't get winlogbeat to send logs Beats winlogbeat	6	3465	July 12, 2017
Winlogbeats not working with SSL configuration to Logstash Beats winlogbeat	18	6320	May 2, 2018
Unable to Send Windows Events to Logstash-WinlogBeats S0LVED Beats	2	521	April 27, 2019
Winlogbeat configuration issues Beats winlogbeat	5	947	March 10, 2017
Winlogbeat to Logstash over SSL Logstash	12	268	February 13, 2023

Cannot get winlogbeats to send to logstash

Related topics