ECE 2.0 / Deployment version 6.5 / Cloud ID netflow setup


#1

Hello, I hope the issue is something simple I'm just overlooking. I will hopefully give all details needed right away. :slight_smile:

Environment: FLAWLESS install of the instructions listed for the Large Deployment.

Cluster (9 Servers): Ubuntu 16.04.5 / ECE 2.0 / ES 6.4.2 / Kibana 6.4.2

Install went flawless and access to the clusters were on http/https port 12400/12443 respectively.

Created a deployment and to access the Elasticsearch/Kibana instances they are accessed from https port 9243 by default and do not see any way to change this.

Remote Logging Server:

Standalone: Ubuntu 16.04.4 w/ Logstash 6.4.2-1

Logstash Config: logstash.yml (Defaults except for what Kibana gave for instructions for netflow)
modules:
- name: netflow
var.input.udp.port: 2055
cloud.id: "Correct and copied from Kibana instance from step #3 (Edit the configuration)"
cloud.auth: "elastic:"

Exact command executed from path /usr/share/logstash:
sudo ./bin/logstash --path.settings /etc/logstash --modules netflow --setup

After running that command I get the below messages.
Sending Logstash logs to /var/log/logstash which is now configured via log4j2.properties [2018-11-02T15:55:47,954][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified [2018-11-02T15:55:48,739][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"6.4.2"} [2018-11-02T15:55:49,051][INFO ][logstash.config.modulescommon] Setting up the netflow module [2018-11-02T15:55:50,137][ERROR][logstash.modules.kibanaclient] Error when executing Kibana client request {:error=>#<Manticore::SocketException: Connection refused (Connection refused)>} [2018-11-02T15:55:50,339][ERROR][logstash.modules.kibanaclient] Error when executing Kibana client request {:error=>#<Manticore::SocketException: Connection refused (Connection refused)>} [2018-11-02T15:55:50,516][ERROR][logstash.config.sourceloader] Could not fetch all the sources {:exception=>LogStash::ConfigLoadingError, :message=>"Failed to import module configurations to Elasticsearch and/or Kibana. Module: netflow has Elasticsearch hosts: [\"https://<removed>.ip.es.io:443\"] and Kibana hosts: [\"<removed>.ip.es.io:443\"]", :backtrace=>["/usr/share/logstash/logstash-core/lib/logstash/config/modules_common.rb:108:inblock in pipeline_configs'", "org/jruby/RubyArray.java:1734:in each'", "/usr/share/logstash/logstash-core/lib/logstash/config/modules_common.rb:54:inpipeline_configs'", "/usr/share/logstash/logstash-core/lib/logstash/config/source/modules.rb:14:in pipeline_configs'", "/usr/share/logstash/logstash-core/lib/logstash/config/source_loader.rb:61:inblock in fetch'", "org/jruby/RubyArray.java:2481:in collect'", "/usr/share/logstash/logstash-core/lib/logstash/config/source_loader.rb:60:infetch'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:142:in converge_state_and_update'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:93:inexecute'", "/usr/share/logstash/logstash-core/lib/logstash/runner.rb:362:in block in execute'", "/usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/stud-0.0.23/lib/stud/task.rb:24:inblock in initialize'"]}
[2018-11-02T15:55:50,526][ERROR][logstash.agent ] An exception happened when converging configuration {:exception=>RuntimeError, :message=>"Could not fetch the configuration, message: Failed to import module configurations to Elasticsearch and/or Kibana. Module: netflow has Elasticsearch hosts: ["https://.ip.es.io:443"] and Kibana hosts: [".ip.es.io:443"]", :backtrace=>["/usr/share/logstash/logstash-core/lib/logstash/agent.rb:149:in converge_state_and_update'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:93:inexecute'", "/usr/share/logstash/logstash-core/lib/logstash/runner.rb:362:in block in execute'", "/usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/stud-0.0.23/lib/stud/task.rb:24:inblock in initialize'"]}
[2018-11-02T15:55:50,841][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
`
Please forgive the formatting.

If you look the address its trying to get to is port 443 and NOT port 9243.

Can anybody tell me what the answer is? I cannot find anything on this and yes I've tried. Its something I'm missing since I can't tell if anyone else is having this issue and this is the only hiccup so far. :frowning:

Thanks!
Jim


#2

I started a Cloud Trial and used the same system as I used above and everything worked correctly. In fact it said it was communicating with port 443. Well, mine isn't listening on port 443 even though the documentation says that it will also work on that port.

What I'm trying to find out is, what am I missing to get this to work locally in my own cloud?


(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.