I'm encounter a issue with the topbeat. I tried to ship the logs to logstash server on port 5043 and getting below on the client, while starting the topbeat. Both are rhel-6.5 virtual machines.
- logstash is running and able to telnet with logstash port 5043.
- firewall is off on both machines.
- selinux is disabled.
- copied the certificate on the client machine.
- logstash conf file:
input {
beats {
port => 5043
type => "logs"
ssl_certificate => "/etc/pki/tls/certs/logstash-forwarder.crt"
ssl_key => "/etc/pki/tls/private/logstash-forwarder.key"
}
}
output {
elasticsearch { host => localhost }
stdout { codec => rubydebug }
}
- topbeat config file:
input:
# In seconds, defines how often to read server statistics
period: 10
# Regular expression to match the processes that are monitored
# By default, all the processes are monitored
procs: [".*"]
# Statistics to collect (all enabled by default)
stats:
# per system statistics, by default is true
system: true
# per process statistics, by default is true
proc: true
# file system information, by default is true
filesystem: true
# cpu usage per core, by default is false
cpu_per_core: false
output:
logstash:
hosts: ["x.x.x.x:5043"]
index: topbeat
tls:
certificate_authorities: ["/etc/pki/tls/certs/logstash-forwarder.crt"]
logging:
rotateeverybytes: 10485760 # = 10MB
please help to solve this issue.