_cat/indices?v - no winlogbeat

james_007 · August 10, 2019, 1:21pm

Hi All. first time with this ELK system, running WS2016, i have installed Kibana, logstash and winlogbeat, all version 7.3 all of the services are up and working.

_cat/indices?v
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
green open .kibana_task_manager CCedQtRoQ4mHI5MqR2ifeg 1 0 2 0 45.6kb 45.6kb
green open .kibana_1 UkqPQYgXT2-t_8STZfhu8g 1 0 4 1 24.6kb 24.6kb

I guess because i can't see my winlogbeat - this is why it is not passing any data, any help will be much appreciated.
thanks

I haved looked at the winlogbeat log and i am getting this error.

Failed to connect to backoff(async(tcp://10.101.10.10:5044)): dial tcp 10.101.10.10:5044: connectex: No connection could be made because the target machine actively refused it.
2019-08-10T14:19:26.785+0100 INFO pipeline/output.go:93 Attempting to reconnect to backoff(async(tcp://10.200.198.67:5044)) with 46 reconnect attempt(s)

it looks like port 5044 is not open, netstat -a

Any ideas ?

spinscale · August 12, 2019, 8:03am

Hey,

can you share the output configuration to winlogbeat? You are writing to logstash it seems. How is logstash configured? Are you seeing any data on the logstash side of things? It seems, as if logstash is not properly set up or not running on that port, from what I interpret out of that single log line.

--Alex

james_007 · August 13, 2019, 2:57pm

Hey Alex - thanks for the reply

I am using Ws2016 and did not have the correct version of java installed, had version 8, once i upgraded to 11.04 port 5044 opened on the logstash and i am now getting logs, -

on a separate discussion, it does look to me that ELK services runs better on linux than windows - your thoughts ?
cheers

spinscale · August 14, 2019, 7:12am

Hey,

glad you got it working. Pretty much all parts of the stack are tested under windows as well. However from my personal experience (and thus total biased) I would say there are far more people running the stack under linux, which just makes it easier for many to debug issues who do not feel home with windows based systems, like myself.

--Alex

james_007 · August 19, 2019, 6:46am

Alex - noted: i shall deploy an Linux version