Error: Cannot assign requested address (Docker)

Elastic Stack Logstash
1

Hello,

I'm running the Logtash image with the following:

docker run -it --rm -v "$PWD":/config-dir logstash -f /config-dir/logstash.conf

My logstash file is:

input {
    beats{
        host => "192.168.0.66"
        port => 5044
			}
    }

output {
    elasticsearch {
      hosts => [ "192.168.0.66:9200","192.168.0.66:9201","192.168.0.66:9202" ]
    }
}
  • Elasticsearch nodes are sitting on 192.168.0.66:9200,9201,9202.
  • Kibana on 192.168.0.66:5601
  • Logstash on 192.168.0.66:5044

What I am trying to do is send Filebeat (Snort) logs from 192.168.0.67 but no matter which IP I put in the input host, I still get the error.

Edit: Realised I didn't specify the docker network. However, the same issue still arises.

docker run --network es-net --rm -v "$PWD":/config-dir logstash -f /config-dir/logstash.conf

If I remove the host parameter, it starts on 0.0.0.0 which I still can not access on 192.168.0.66.

22:00:41.013 [[main]-pipeline-manager] INFO logstash.inputs.beats - Beats inputs: Starting input listener {:address=>"0.0.0.0:5044"}

2

Unless you run the container in host network mode you won't be able to bind to 192.168.0.66. I suggest you omit the host option so that Logstash listens on all network interfaces. If you want port 5044 in the Logstash container to be available on the host you need to publish the port. See https://docs.docker.com/config/containers/container-networking/.

3

Okay I removed the host input and changed my command to:
docker run -it --rm -p 5044:5044 -v "$PWD":/config-dir logstash -f /config-dir/logstash.conf
and it worked!

Thank you!

4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.