Hello,
I work with self-managed stack v7.16.1
I have a probleme with endpoint security deployment
elastic-agent diagnostics give for endpoint this error:
elastic-agent diagnostics
* name: endpoint-security route_key: default
error: Get "http://unix/": dial unix /opt/Elastic/Agent/data/tmp/default/endpoint-security/endpoint-security.sock: connect: no such file or directory
When i look at the path, endpoint-security folder is missing.
I have been looking for quite a time now, and i don't know where the probleme comes from
I also have metricbeat and filebeat deployed with elastic-agent but they are wotking well
The status command shows everything is healthy
elastic-agent status
Status: HEALTHY
Message: (no message)
Applications:
* filebeat_monitoring (HEALTHY)
Running
* metricbeat_monitoring (HEALTHY)
Running
* endpoint-security (HEALTHY)
Protecting with policy {42c1253e-7dc2-42be-9189-f6542bb8fcd9}
* filebeat (HEALTHY)
Running
* metricbeat (HEALTHY)
Running
elastic-agent diagnostics
elastic-agent version: 7.16.1
build_commit: 7e56c4a053a2fe26c0cac168dd974780428a2aa6 build_time: 2021-12-11 05:09:58 +0000 UTC snapshot_build: false
Applications:
* name: metricbeat_monitoring route_key: default
process: metricbeat id: 36caf419-861a-4f30-88bd-db3fc7db840f ephemeral_id: c2cdc157-f319-4d5c-b1ef-23ffe08ba4c1 elastic_license: true
version: 7.16.1 commit: 7e56c4a053a2fe26c0cac168dd974780428a2aa6 build_time: 2021-12-11 02:01:45 +0000 UTC binary_arch: amd64
hostname: socket-server-dev-joci username: root user_id: 0 user_gid: 0
* name: endpoint-security route_key: default
error: Get "http://unix/": dial unix /opt/Elastic/Agent/data/tmp/default/endpoint-security/endpoint-security.sock: connect: no such file or directory
* name: filebeat route_key: default
process: filebeat id: f24b7fd7-9856-4a4c-8a19-6bddfee97b72 ephemeral_id: 741a6957-b853-49c4-8ff9-b757d25e61ab elastic_license: true
version: 7.16.1 commit: 7e56c4a053a2fe26c0cac168dd974780428a2aa6 build_time: 2021-12-11 01:49:16 +0000 UTC binary_arch: amd64
hostname: socket-server-dev-joci username: root user_id: 0 user_gid: 0
* name: metricbeat route_key: default
process: metricbeat id: 36caf419-861a-4f30-88bd-db3fc7db840f ephemeral_id: c2cdc157-f319-4d5c-b1ef-23ffe08ba4c1 elastic_license: true
version: 7.16.1 commit: 7e56c4a053a2fe26c0cac168dd974780428a2aa6 build_time: 2021-12-11 02:01:45 +0000 UTC binary_arch: amd64
hostname: socket-server-dev-joci username: root user_id: 0 user_gid: 0
* name: filebeat_monitoring route_key: default
process: filebeat id: f24b7fd7-9856-4a4c-8a19-6bddfee97b72 ephemeral_id: 741a6957-b853-49c4-8ff9-b757d25e61ab elastic_license: true
version: 7.16.1 commit: 7e56c4a053a2fe26c0cac168dd974780428a2aa6 build_time: 2021-12-11 01:49:16 +0000 UTC binary_arch: amd64
hostname: socket-server-dev-joci username: root user_id: 0 user_gid: 0
I'm managing everything from Kibana
Elastic config output:
api_key: "api_key"
ssl:
certificate_authorities: ["/etc/ssl/es/ca.crt"]
certificate: "/etc/ssl/es/beats.crt"
key: "/etc/ssl/es/beats.key"
Thanks in advance,