Hello - I'm new to this, just getting started installing the ELK stack on Ubuntu 20.04. Everything is running on that one server for now (though eventually we will want to look at a production version with a cluster, but for now this is fine) I'm following a tutorial:
Everything has been ok, up until this:
root@snipe:~# sudo filebeat setup --pipelines --modules system
Exiting: Couldn't connect to any of the configured Elasticsearch hosts. Errors: [Error connection to Elasticsearch http://localhost:5044: Get http://localhost:5044: read tcp 127.0.0.1:43464->127.0.0.1:5044: read: connection reset by peer]
As per the instructions I had already edited /etc/filebeat/filebeat.yml
I commented out:
#output.elasticsearch:
# Array of hosts to connect to.
#hosts: ["localhost:9200"]
And uncommented
output.logstash:
# The Logstash hosts
hosts: ["localhost:5044"]
But still the error message. Any idea what I may have missed? Or where I should look?
Ah really?! Access control was something that I was a bit concerned about - is that a new(ish) thing? I'll dig around the docs for that stuff.
Oh and it's working now - as you said, once I re-enabled elasticsearch as an output I could run that command, then I could follow on with the rest of the tutorial - thank you!
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.