Hi All. first time with this ELK system, running WS2016, i have installed Kibana, logstash and winlogbeat, all version 7.3 all of the services are up and working.
_cat/indices?v
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
green open .kibana_task_manager CCedQtRoQ4mHI5MqR2ifeg 1 0 2 0 45.6kb 45.6kb
green open .kibana_1 UkqPQYgXT2-t_8STZfhu8g 1 0 4 1 24.6kb 24.6kb
I guess because i can't see my winlogbeat - this is why it is not passing any data, any help will be much appreciated.
thanks
I haved looked at the winlogbeat log and i am getting this error.
Failed to connect to backoff(async(tcp://10.101.10.10:5044)): dial tcp 10.101.10.10:5044: connectex: No connection could be made because the target machine actively refused it.
2019-08-10T14:19:26.785+0100 INFO pipeline/output.go:93 Attempting to reconnect to backoff(async(tcp://10.200.198.67:5044)) with 46 reconnect attempt(s)
can you share the output configuration to winlogbeat? You are writing to logstash it seems. How is logstash configured? Are you seeing any data on the logstash side of things? It seems, as if logstash is not properly set up or not running on that port, from what I interpret out of that single log line.
I am using Ws2016 and did not have the correct version of java installed, had version 8, once i upgraded to 11.04 port 5044 opened on the logstash and i am now getting logs, -
on a separate discussion, it does look to me that ELK services runs better on linux than windows - your thoughts ?
cheers
glad you got it working. Pretty much all parts of the stack are tested under windows as well. However from my personal experience (and thus total biased) I would say there are far more people running the stack under linux, which just makes it easier for many to debug issues who do not feel home with windows based systems, like myself.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.