Error when enrolloning Fleet on ELK

Hello, I hope you can help me. I have the following issue: I have successfully installed Elasticsearch and Kibana. Now I'm installing Fleet, but no matter what I do, I encounter the following error:
The instalation it's

curl -L -O https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-8.11.3-linux-x86_64.tar.gz
tar xzvf elastic-agent-8.11.3-linux-x86_64.tar.gz
cd elastic-agent-8.11.3-linux-x86_64
sudo ./elastic-agent install \
  --fleet-server-es=https://xx.xxx.133.xx:9200 \
  --fleet-server-service-token=AAEAAWVsYXN0aWdsadasVyL3Rva2VuLTE3MDM2MTQwMDIxNTY6MWhZa2w1WDZUbks5T09UTkl0WV94Zw \
  --fleet-server-policy=fleet-server-policy \
  --fleet-server-es-ca-trusted-fingerprint=2417043740b943ec205fc1583c00c3229d364e1b8ab05f2f293f590e22b6c522 \
  --fleet-server-port=8220

the anserwer it's

Elastic Agent will be installed at /opt/Elastic/Agent and will run as a service. Do you want to continue? [Y/n]:y
Copying files....................................................................................................................................................................................................................................................................................................... DONE
Installing service...... DONE
Starting service... DONE
Enrolling Elastic Agent with Fleet.............{"log.level":"info","@timestamp":"2023-12-26T18:46:52.845Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":411},"message":"Generating self-signed certificate for Fleet Server","ecs.version":"1.6.0"}
.........{"log.level":"info","@timestamp":"2023-12-26T18:46:55.474Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":788},"message":"Fleet Server - Running on policy with Fleet Server integration: fleet-server-policy; missing config fleet.agent.id (expected during bootstrap process)","ecs.version":"1.6.0"}
...{"log.level":"info","@timestamp":"2023-12-26T18:46:56.169Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":479},"message":"Starting enrollment to URL: https://hostname:8220/","ecs.version":"1.6.0"}
.Error: fail to enroll: fail to execute request to fleet-server: dial tcp xx.xxx.**132**.x:8220: connect: connection refused
For help, please see our troubleshooting guide at https://www.elastic.co/guide/en/fleet/8.11/fleet-troubleshooting.html
 FAILED
Stopping service.... DONE
Uninstalling...
   Stopping service... DONE
   Stopping upgrade watcher; none found... DONE
   Removing service..... DONE
   Removing install directory.... DONE
   DONE
Error: enroll command failed for unknown reason: exit status 1
For help, please see our troubleshooting guide at https://www.elastic.co/guide/en/fleet/8.11/fleet-troubleshooting.html

The difference I find in the response is that I don't know where it gets the IP x.x.132.x from because the IPs of Kibana and Elastic are x.x.133.x.

image1473×221 13.5 KB

The instalation its on a Azure VM, x.x.133.xx privated IP and https://xxx.xxx.xxx.224:5601/app/fleet/agents public IP

Help and thanks

If you check the settings in the fleet UI is that 132 address the address under the fleet configuration on the settings page?

Ie on the top of this page

image1361×1074 74.9 KB

I haven't reproduced this yet but you may just need to add --url https://fleetserver:8220 to your command (replacing fleetserver with the fleet server fqdn)

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.