I am strugling to load visualizations and dashboards in ELK 6.x. This is running on Centos 7.
It seems from the docs that the load of winlogbeat dashboards come from the windows beat client. I cant get this to work. Below is the yml being used. When 'winlogbeat.exe setup --dashboards is executed, it fails and references localhost:9200 which is not specified in the yml.
All docs seem to point to a \scripts folder existing in the winlogbeat program files folder. This folder allegedly has import-dashboards.ps1. I have grabbed both 32-bit and 64-bit installers and this folder is not in the install archive.
winlogbeat.exe setup --dashboards is the right command to run.
During import first the version of Elasticsearch is checked. Based on your configuration you don't have an Elasticsearch instance. That's the error message you see I assume.
This is the error I get after making the changes noted below to the winlogbeat.yml
ERROR:
C:\Program Files\winlogbeat>winlogbeat.exe setup --dashboards
Exiting: Error importing Kibana dashboards: fail to create the Kibana loader: Er
ror creating Kibana client: fail to get the Kibana version:HTTP GET request to /
api/status fails: fail to execute the HTTP GET request: Get http://localhost:560
1/api/status: dial tcp 127.0.0.1:5601: connectex: No connection could be made be
cause the target machine actively refused it.. Response: .
I am looking at the implementation right now. It seems to me that there is at least one problem. The first one is that if the host does not include a port number, it defaults to 5601. That's not right.
I am still looking why it says localhost instead of your URL. We should continue the discussion on Github as it's clearly a bug.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.