I'm trying to integrate Elastic Endpoint Security into my ELK stack. I have successfully installed Fleet and Elastic Agent on my endpoint, but the issue is that the endpoint is not appearing in endpoint management in Kibana.
But the endpoint is working fine: it is blocking threats, showing alerts, etc., but it is not appearing in management, so I can't isolate the host through Elastic Endpoint.
When I restart the Fleet agent, the host appears in management, but after 3 min it disappears and shows an error: " [elastic_agent][error] Could not communicate with fleet-server Checking API will retry, error: fail to checkin to fleet-server: Post "https://x.x.x.x:8220/api/fleet/agents/4a94fbb2-5074-448d-9fc4-0da3154e8863/checkin?": dial tcp x.x.x.x:8220: connectex: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond." There is no communication restriction between them.
Since Windows works but CentOS does not, it sounds like this could be an SSL certificate issue. Are you using a self-signed certificate for your Elastic stack? Can you reach Fleet using curl -v https://fleet-host:8820?
Did you do anything so the Windows machines can reach Fleet? Either the self-signed certificate's certificate authority needs to be added to the host machines, or your Fleet configuration needs to be modified to share the certificate or alter the SSL verification options.
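Added example, not part of the thread and not Elastic's own tooling: a TCP connect timeout (the "dial tcp ... connectex" error quoted above) and an untrusted-certificate failure happen at different layers, and this Python probe reports which one a given endpoint hits when it connects to Fleet Server. The host name `fleet.example.internal` and the CA file path are placeholders; 8220 is the port from the quoted error.

```python
"""Report which layer of an agent -> Fleet Server connection fails."""
import socket
import ssl
import sys


def explain(exc, stage):
    """Map an exception raised at `stage` ('tcp' or 'tls') to a finding."""
    if stage == "tcp":
        if isinstance(exc, (socket.timeout, TimeoutError)):
            return "tcp-timeout"   # no answer: firewall drop, routing, wrong IP or port
        if isinstance(exc, ConnectionRefusedError):
            return "tcp-refused"   # host reachable, nothing listening on the port
        return "tcp-error"         # DNS failure, unreachable network, etc.
    if isinstance(exc, ssl.SSLCertVerificationError):
        return "tls-untrusted-cert"  # CA not trusted by this host, or name mismatch
    return "tls-error"               # handshake reset, timeout, protocol mismatch


def probe(host, port=8220, cafile=None, timeout=5.0):
    """Connect, then do a verified TLS handshake; return 'ok' or a finding."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return explain(exc, "tcp")
    # Verification stays enabled; pass the stack's CA file to test trust in it.
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with ctx.wrap_socket(sock, server_hostname=host):
            return "ok"
    except (ssl.SSLError, OSError) as exc:
        return explain(exc, "tls")


if __name__ == "__main__":
    # Usage: python probe.py <fleet-host> [path-to-ca.crt]   (placeholder values)
    host = sys.argv[1] if len(sys.argv) > 1 else "fleet.example.internal"
    cafile = sys.argv[2] if len(sys.argv) > 2 else None
    print(host, probe(host, cafile=cafile))
```

A `tcp-*` result means the TLS handshake was never attempted, so certificate trust has not been tested yet; `tls-untrusted-cert` is the case where adding the CA to the host applies.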